Disaster  area  Two  years  after  the  Sept  11  terrorist 

attacks,  much  work  is  left  to  be  done  on  disaster-recovery  plans.  PAGE  8. 


Router  rage?  Netgear  flaw  unleashes  flood  of  traffic 

that  buries  the  University  of  Wisconsin's  routers.  PAGE  12. 
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Proprietary 
servers  keep 
losing  ground 


■  BY  JENNIFER  MEARS 

When  B.FGoodrich  spun  off  its 
performance-materials  division 
in  February  2001,  it  created  a  $1 
billion  specialty  chemical  com¬ 
pany  that  found  itself  supporting 
multiple  server  platforms  better- 
suited  for  a  $5  billion  corpora¬ 
tion.  First  on  the  new  company’s 
to-do  list  was  to  revamp  its  server 
hardware. 

See  Servers,  page  14 


High  standards 

Intel-based  servers 
continue  to  outship  RISC 
boxes. 

Server 

shipments  1.12  million 


Understanding  MPLS,  IPSec  and  SOAP 
isn’t  enough  anymore.  IT  execs  now 
have  to  know  their  way  around  HIPAA, 
GLBA  and  SOA.  Compliance  with  these 
federal  regulations  is  falling  squarely 
on  IT,  and  the  cost  is  expected  to 
total  in  the  billions  of  dollars. 


OQO  QOO 


118.837 
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Microsoft 
to  revamp 
patch  mgmt. 
software 


■  BY  JOHN  FONTANA 

In  the  wake  of  recent  ugly 
worm  episodes,  Microsoft  is  plan¬ 
ning  to  overhaul  its  much  ma¬ 
ligned  patch  management  archi¬ 
tecture  in  an  effort  to  ease  the 
frustrations  of  corporate  users. 
Company  officials  say  they  are: 

creating  a  _  „ 

■  Microsoft 
common  cou|d  spark 

assessment  corporate  IM. 

engine  that  Page  21. 

would  verify 

whether  patches  are  needed; 
adding  automatic  update  capa¬ 
bilities  to  every  product,  includ¬ 
ing  Office,  Exchange  and  SQL 
Server;  standardizing  uninstaller 
technology;  and  reducing  patch 
sizes  to  conserve  bandwidth  dur¬ 
ing  deployment.  Those  offerings 
will  be  added  to  changes  the 
company  announced  two 
See  Microsoft,  page  49 


Auto  industry  portal  kicks  into  high  gear 


Q1  2002  Q1 2003 

■  Intel  architecture  ■  RISC 

SOURCE  GARTNER  WORLDWIDE  SERVER 
MARKET  TRENDS.  Q103 


■  BY  ELLEN  MESSMER 

DETROIT  — The  Big  Three  auto¬ 
makers  are  finally  ready  to  make 
Covisint,  the  business-to-business 


Web  portal  they  founded  three 
years  ago  to  reach  suppliers,  the 
central  engine  in  their  e-com¬ 
merce  and  messaging  systems. 

At  last  weeks  Auto-Tech  confer¬ 
ence,  DaimlerChrysler  said  by 
year-end  it  would  phase  out  its 
private  supplier  extranet  and  use 
Covisint  to  do  business  with  its 
9,000  suppliers.  Ford  said  it  in¬ 
tends  to  use  Covisint  to  exchange 
electronic  data  interchange  (EDI) 
orders  and  design  data.  And  alt¬ 
hough  GM  will  continue  to  use  its 
own  SupplyFbwer  Web  portal,  the 
See  Covisint  page  16 


HThere  s  a  huge  inefficiency 
for  suppliers  that  have  30 
passwords  and  IDs,  and  the 
Covisint  federated  logon  is  our 
way  to  have  a  single  ID  for  all 
authorized  applications.  9  9 

Dave  Miller 
CSO,  Covisint 
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'Nemertes  Research,  Implementing  IP  Telephony  Report,  July  2003 
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It  is  an  independent  study 


It’s  Shoreline. 


In  a  new  Nemertes  Research  study,  Shoreline  dominated. 

It  was  the  only  company  reviewed  that  specializes  in  IP  PBX 
systems  for  the  enterprise. 

#1  in  every  category. 

Shoreline  was  rated  #1  for  system  ease  of  use,  manageability, 
performance,  technology,  cost  effectiveness  AND  customer 
service.  Rated  #1  for  delivering  just  what  you  want. 


You’ll  get  an  IP  PBX  solution 

that’s  easy  to  install  and  manage,  specifically  designed  for  IP 
Telephony  from  the  start.  With  a  single-system  view  and  the 
ability  to  run  your  entire  multi-site  network,  it  is  the  solution 
that  can  make  your  people  more  productive...  the  solution 
judged  #1  by  the  IT  professionals  who  have  experience 
installing  IP  PBXs. 

For  your  free  copy  of  the  Nemertes  Research  executive  sum¬ 
mary,  visit  our  web  site  at  http://networld.goshoreline.com 
or  call  1-877-80SHORE. 
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Image  is  everything: 

Banks  nationwide  are  replacing  a  slow,  paper-based,  check-imaging 
system  with  an  electronic  network  that  is  expected  to  save  them 
an  estimated  S2  billion  annually.  Page  34. 
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responsibility  for  compliance  is  falling  squarely  on  the  shoulders  of 
the  IT  department.  Page  38. 
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HP's  hi  935  is 
the  least  expen¬ 
sive  iPaq  so  far. 
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installed  firewalls?  Fusion  Executive  Editor  Adam  Gaffin 
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ponders  the  notion. 

DocFinder:  7445 

Wireless  Wizards 

Improving  wireless  handoffs 

The  wizards  offer  tips  for  improving  the  effectiveness  of  a 
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report  faults  two  agencies  charged  with  promoting  the 
practice. 
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The  Good  rhi  Bad  he  Ugly 


Let  the  court  battle  begin 

■  As  expected,  some  service  providers  are  suing  the  FCC  over  its 
Triennial  Review  order  issued  two  weeks  ago  (www.nwfusion.com, 
DocFinder:  7454). The  order  sets  competition  rules  that  pertain  to 
how  the  four  regional  Bell  operating  companies  share  their  net¬ 
works  with  competitors  at  discounted  rates.Verizon  and  the  United 
States  Telecom  Association,  which  represents  local  telephone  com¬ 
panies,  separately  filed  suits  against  the  FCC  claiming  the  commis¬ 
sion’s  ruling  is  illegal. The  USTA  suit  is  backed  by  BellSouth,  Qwest 
and  SBC.The  groups  suit  claims  the  FCC  “ignored  existing  lawf 


SpongeBlob  Fiber-opticPants? 

Who  knew  that  sponges  are  useful  for  more 
than  washing  dishes  and  inspiring  kids’ 
cartoon  shows?  According  to  new  research 
in  the  latest  issue  of  the  journal 
Nature,  the  telecom  industry  might  have 
a  few  things  to  learn  from  the  deep- 
sea  glass  sponge  Euplectella  (a  good 
name  for  a  network  industry  start¬ 
up?).  Parts  of  the  sponge,  called 
spicules,  have  properties  similar  to  fiber¬ 
optic  cables,  such  as  their  ability  to  conduct 
light,  but  they  are  stronger  and  develop  at 
lower  temperatures  than  man-made  fiber  optics.  > 


BRIAN  6AI0RY 


&  Cover  story.  Sprint  is  redoing  the  cover  of  a  phone  book  it  has  distributed 
to  thousands  of  customers  in  central  Florida  after  being  alerted  to  the  fact  that 
the  colorful  flower  petals  featured  on  the  front  of  the  publication  are  from  the  opium¬ 
bearing  poppy  used  to  make  heroin,  according  to  an  Associated  Press  report.  The 
picture  was  selected  from  stock  art  for  its  colorfulness,  but  those  involved  didn't 
realize  the  error  of  their  ways  until  a  newspaper  pointed  it  out,  a  Sprint  spokeswoman 
told  the  AP. 


Busting  the  Blaster  author 

■  U.S.  cyberinvestigators  arrested  a  Minnesota  man  Friday  on  charges  of  unleashing  a 
damaging  virus-like  infection  weeks  ago  on  the  Internet,  an  Associated  Press  report  said. 
The  court  in  Minnesota  identified  the  teenager  as  Jeffrey  Lee  Parson,  18,  known  online  as 
“teekid."A  U.S. official  in  Washington,  D.C., also  confirmed  an  arrest  was  made  early  Friday 
Collectively, different  versions  of  the  virus-like  worm, alternately  calIed“LovSan”or“Blaster” 
snarled  corporate  networks  worldwide.  Investigators  do  not  suspect  the  man  was  the  cre¬ 
ator  of  the  original  Blaster  worm.That  person  has  not  yet  been  found,  the  source  said. 

Under  the  sea 

■  U.S.  phone  companies  could  be  forced  to  protect  the  coral  if  the  state  of  Florida  adopts 
rules  this  week  governing  how  and  where  they  lay  fiber  cables  under  the  sea. The  lines 
carry  telephone  and  Internet  traffic  between  Florida  and  Europe,  Latin  America  and  the 
Caribbean,  but  environmentalists  say  the  cables  destroy  the  coral.  According  to  the 
Reuters  news  service,  Florida’s  cabinet  is  scheduled  to  examine  a  proposal  to  ban  under¬ 
sea  cables  in  some  places  or  to  make  phone  companies  drill  under  the  seabed  in  others 
rather  than  lay  phone  lines  over  coral  reefs.  The  North  American  Submarine  Cable 
Association,  which  includes  AT&T  and  MCI,  has  played  down  the  effect  of  cables  on  coral 
reefs  and  say  they  already  incur  extra  charges  for  drilling  under  coral  when  possible  and 
for  installing  artificial  reef  structures  where  needed.  Other  states,  such  as  California,  are 
looking  at  similar  rules. 

Bumin’  down  the  house 

■  IBM  is  expanding  an  earlier  recall  of  15-inch  computer  monitors  after  63,000  more  were 
found  to  be  at  risk  of  overheating  and  smoking,  which  poses  a  fire  hazard  to  consumers. 
IBM  said  it  has  received  seven  reports  of  circuit  boards  overheating  causing  smoke  and 
fire.  Big  Blue  announced  the  original  recall  in  March.That  recall  included  56,000  monitors 
sold  nationwide  from  June  to  September  1997. The  latest  includes  models  built  through 
September  1998  and  sold  through  December  1998.The  recalled  monitors  are  the  G51  CRT 
and  G5 1 1  Touch  Screen  CRT  models  bearing  model  numbers  654 1-02N.654 1-02E.654 1-02S, 
654 1-QON,  654 1-QOE  and  654 1-QOS. 

That’s  a  big  computer 

■  A  2,000-processor  Intel  Itanium  2  supercomputer  at  the  U.S.  Department  of  Energy’s 
Pacific  Northwest  National  Labs  has  edged  out  Lawrence  Livermore  National  Lab’s  Intel 
Xeon-based  Multiprogrammatic  Capability  Cluster  for  the  title  of  world’s  fastest  Linux 
supercomputer,  according  to  PNNL  PNNL  last  week  said  it  had  completed  an  upgrade  of 
the  1 ,400  1  0-GHz  Itanium  2  McKinley  processors  in  its  supercomputer  in  Richland, Wash., 
boosting  the  system's  peak  performance  from  6.2  trillion  floating  point  operations  per  sec¬ 
ond  (T  FLOPS)  to  1 1 ,8T  FLOP’S  The  new  processors  run  at  1 .5  GHz.The  box  is  about  1 1 ,800 
times  faster  than  the  average  PC.  PNNL  say’s.  The  3,00(>squarefoot,  $24.5  million  system 


W  Zippo  site  flames  out  Bowing  to  pressure  from  public  safety 
officials,  lighter  maker  Zippo  has  snuffed  out  a  company-sponsored  Web  site 
(zippotricks.com)  promoting  more  than  500  tricks  that  can  be  done  with  its  products. 
The  site’s  founder  headlined  a  letter  to  his  followers  -  called  TrickHeads  -  with 
the  declaration:  "Game  over!" 

will  be  used  for  computationally  intensive  tasks,  such  as  studying  basic  chemistry  and 
biology,  and  modeling  how  leaked  radioactive  material  might  move  underground. 

Microsoft  extends  Exchange  life 

■  Microsoft  last  week  gave  in  to  the  drawn-out  migration  timetables  of  its  Exchange  5.5 
customers  and  said  it  would  offer  a  free  year  of  extended  support  on  the  server.  Microsoft 
says  it  hopes  the  year  of  free  support  —  which  includes  hot  fixes,  security  hot  fixes  and 
pay-per-incident  support  —  will  give  users  extra  time  to  migrate  and  guarantee  they  move 
to  Exchange  2000  or  Exchange  2003,  which  is  set  to  ship  Oct. 21. The  company  also  hopes 
it  will  keep  customers  from  jumping  to  rival  platforms.  Microsoft  would  like  to  keep  its 
more  than  100  million  Exchange  users  around  for  the  “Kodiak”  version  that  figures  promi¬ 
nently  in  its  .Net  platform  strategy.  Kodiak  isn’t  expected  to  ship  until  2006.  Last  November, 
Microsoft  announced  that  mainstream  support  of  Exchange  5.5  would  end  on  Dec.  31, 
2003.The  company  now  is  waiving  the  first  year  of  the  fee,  which  varies  depending  on  the 
number  of  hot  fixes  a  customer  requests.  Extended  support  ends  for  good  on  Dec. 31 ,2005, 
and  no  form  of  support  will  be  available  after  that  date.  Microsoft  has  tried  to  nudge  cus¬ 
tomers  off  the  aging  Exchange  5.5  platform,  which  shipped  in  February  1998, ever  since  it 
shipped  Exchange  2000  in  November  2000.  And  with  the  impending  launch  of  Exchange 
2003, the  company  would  like  to  accelerate  the  migration  process.About  60%  of  Exchange 
customers  are  still  on  the  5.5  platform. 

Spammers  targeted 

■  EarthLink  said  last  week  it  filed  suit  against  two  unsolicited  commercial  (spam)  e-mail 
rings  with  operations  in  the  U.S.  and  Canada. The  ISP  is  suing  to  recover  an  estimated  $5 
million  in  lost  employee  productivity  and  Internet  bandwidth  that  it  claims  was  spent 
managing  more  than  250  million  e-mail  messages  sent  from  e-mail  addresses  on  its  net- 
work.The  suit  targets  two  unnamed  spam  concerns. The  first,  based  in  Birmingham,  Ala., 
is  believed  to  be  behind  a  variety  of  spam  campaigns  including  pitches  for“herbal  Viagra," 
pornography  and  online  dating  services.  A  second  ring  in  Vancouver,  British  Columbia, 
used  about  six  phone  numbers  to  connect  to  EarthLink  accounts  as  part  of  a  massive 
scheme  to  trick  Internet  users  into  passing  on  sensitive  information  such  as  account  pass¬ 
words  and  credit  card  numbers,  EarthLink  said.  Amazon.com  also  filed  suit  against  1 1 
online  marketers,  claiming  that  they  misappropriated  its  name  in  email  solicitations. 
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Microsoft's  VoIP  server 
could  shake  IP  PBX  market 


■  BY  PHIL  HOCHMUTH 

While  IP  PBX  vendors  duke  it 
out  for  market  share  in  the  con¬ 
verged  LAN/WAN  arena,  a  recent 
analyst  report  warns  not  to  count 
out  a  certain  software  vendor 
from  Redmond. 

A  report  from  IDC  identifies 
Microsoft  as  a  potential  force  in 
the  enterprise  telephony  market 
in  the  coming  years,  as  the  com¬ 
pany  moves  forward  with  its  strat¬ 
egy  for  converging  voice,  video 
and  chat  applications  into  its  PC 
and  server  operating  systems,  as 
well  as  its  Office  applications. 
Meanwhile,  some  voice-over-IP 
(VoIP)  vendors  are  partnering 
with  Microsoft  to  make  their 
equipment  and  applications 
work  together. 

“We’re  not  talking  about  every 
Microsoft  server  potentially 
becoming  a  PBX,”  says  IDC  ana¬ 
lyst  Tom  Valovic,  who  wrote  the 
report  on  Microsoft  and  the  VoIP 
market.  He  says  that  as  Microsoft 
pushes  deeper  into  the  market  for 
collaborative  applications  — - 
such  as  software  that  uses  Session 
Initiation  Protocol  (SIP)  to  facili¬ 
tate  multimedia  conferences  — 
telecom  vendors  and  IP  PBX 
companies  trying  to  build  the 
same  types  of  systems  could  butt 
heads  with  the  software  giant. 

Many  IP  PBX  vendors,  such  as 
Alcatel,  Mitel  and  Nortel,  are  bas¬ 
ing  their  gear  on  SIP  which  is  con¬ 
sidered  to  be  the  next-generation 
protocol  for  voice,  video  and 
instant-messaging  traffic.  In  addi¬ 


tion  to  setting  up  and  transport¬ 
ing  voice  and  video  calls,  the  pro¬ 
tocol  can  identify  information 
about  clients  —  whether  they’re 
on  a  phone,  videoconference  sta¬ 
tion  or  a  PDA  using  e-mail,  for 
example.SIP  also  brings  presence 
capabilities,  letting  end  users 
know  who’s  online  when,  and 
how  others  can  be  contacted. 

For  years  Microsoft  has  had 
computer  telephony  features  em¬ 
bedded  in  its  operating  systems 
in  products  such  as  NetMeeting, 
an  H.323-videoconferencing  ap¬ 
plication,  and  Exchange  Confer¬ 
encing  Server,  for  managing  data, 
voice  and  videoconferencing. 

Windows  XP  brought  along 
Microsoft  Windows  Messenger, 
which  turned  some  heads  in  the 
telecom  community  for  its  use 
of  SIP 

Speculation  about  what  Micro¬ 
soft  will  do  in  telephony  grew 
when  company  representatives 
began  showing  up  at  industry 
events  such  as  Voice  on  the  Net 
(VON),  and  later  when  it  an¬ 
nounced  development  of  its  Real 
Time  Communication  (RTC) 
Server,  code-named  Greenwich. 
RTC,  renamed  Live  Communi¬ 
cation  Server  2003,  is  due  out  this 
fall.  The  server  will  act  as  a  con¬ 
trol  node  for  managing  confer¬ 
ences  among  SIP  clients. 

Jasomi  to  reveal  firewall 
for  VoIP 

One  VoIP  equipment  vendor 
getting  a  jump  on  the  trend  is 
Jasomi  Networks,  which  will  de¬ 


but  a  product  at  this  month’s  VON 
show  in  Boston  that  can  enable 
any  standard  SIP-based  phone  to 
use  Microsoft’s  Live  Communi¬ 
cation  Server  to  make  a  call. 

The  product,  called  PeerFbint 
3.0,  is  a  network  appliance  that 
can  act  as  a  firewall  forVoiphelp- 
ing  SIP-based  traffic  securely  tra¬ 
verse  corporate  firewalls  to  reach 
an  IP  PBX.  PeerPoint  will  help 
translate  the  version  of  SIP  used 
on  most  industry-standard  IP 
phones  into  the  dialect  that 
Microsoft’s  SIP  server  speaks,  ac¬ 
cording  to  Jasomi  President  Dan 
Freedman. 

Freedman  says  Microsoft’s  SIP  is 
carried  over  the  TCP  layer  in  IP 
packets,  while  most  SIP  imple¬ 
mentations  use  User  Datagram 
Protocol  (UDP)  as  the  transport 
layer.  Using  TCP  lets  only  Win¬ 
dows  Messenger  clients,  and 
other  SIP  clients  configured  to 
run  SIP  onTCRuse  a  Microsoft  SIP 
server. 

While  Microsoft  Live  Communi¬ 
cation  Server  could  be  config¬ 
ured  as  a  SIP-based  call  control 
node,  industry  watchers  say  it’s 
unlikely  that  Microsoft  will  get 
into  the  enterprise  telephony 
business. 

“I  don’t  see  Microsoft  selling 
phones,”  IDC’s  Valovic  says, 
adding  that  IP  telephony  ven¬ 
dors  likely  will  seek  partnerships 
with  Microsoft  to  enhance  their 
offerings. 

Avaya,  Cisco,  Nortel  and 
Siemens  all  make  IP  PBXs  that 
run  on  Microsoft  Windows 
servers.  Many  vendors  also  now 
offer  products  on  platforms 
such  as  Linux  and  Sun’s  Solaris, 
partly  in  reaction  to  fears  about 
Microsoft  server  stability  in  light 
of  recent  Internet  worm  and 
virus  events. 

Siemens  recently  launched  its 
OpenScape  strategy  to  incorpo¬ 
rate  SIP-based  applications  with 
its  line  of  IP  telephony  gear. The 
German  PBX  maker  is  partnering 
with  Microsoft  to  deliver  this. 

“Our  [SIP-based  applications] 
are  clearly  going  to  rely  on 
Microsoft  Live  Communication 
Server  as  a  platform,”  says  Mark 
Straton,  marketing  vice  presi¬ 
dent  for  Siemens.  While  it  is  fore¬ 
seeable  that  Microsoft  servers 
could  be  put  to  use  as  IP  PBXs, 
he  does  not  foresee  this  as  a 
threat  to  companies  now  in  the 
IP  PBX  market.  ■ 


Microsoft's  voice  lessons 

Over  the  years,  Microsoft  has  developed  client  and 
server  hardware  for  running  voice  and  video  over  IP. 

1999  Microsoft  debuts  NetMeeting  as  part  of  its  Windows  9x 
operating  system. The  software  uses  an  H.323  stack  to 
provide  voice  and  videoconferencing  over  the  Internet. 

2000  Microsoft  releases  Exchange  Conferencing  Server,  its  first 
dedicated  server  for  data,  voice  and  videoconferencing, 
with  support  for  TAPI  3.0  and  H.323.The  server  is  no  longer 
underdevelopment  and  will  be  replaced  by  Live 

Communication  Server  2003. 

2001  Windows  XP  is  shipped  with  Microsoft  Windows  Messenger, 
the  successor  to  NetMeeting,  which  is  based  on  SIP,  and 
includes  instant  messaging,  along  with  voice  and  video 

calling  features 

2003  Microsoft  will  ship  its  Live  Communication  Server  2003  in 
the  fall.The  SIP-based  communications  control  server 
could  let  users  to  set  up  voice,  video  or  chat  sessions  over 
a  LAN  or  across  the  Internet. 


NetScreen  to  add 
application  layer 
security  to  gear 

■  BY  TIM  GREENE 

NetScreen  Technologies  later  this  year  will  improve  its  security  prod¬ 
ucts  to  help  customers  combat  attacks  disguised  as  innocuous  traffic 
that  might  sneak  by  traditional  firewalls. 

By  incorporating  technology  it  gained  when  it  bought  OneSecure 
last  year,  NetScreen  will  add  the  ability  to  inspect  packets  at  the  appli¬ 
cation  level  to  detect  and  thwart  threats  that  make  their  way  through 
firewall  ports  left  open  for  Web  traffic,  for  example.  This  will  comple¬ 
ment  NetScreen’s  current  firewall, which  protects  against  network  layer 
attacks  by  methods  such  as  selectively  blocking  TCP  ports. 

Adding  application  protection  pits  the  company  against  vendors 
specializing  in  this  technology  such  asTeros  and  Sanctum, and  secu¬ 
rity  vendors  such  as  Symantec.  NetScreen’s  new  firewall  also  follows 
a  trend  of  VPN  vendors  toward  supporting  application  security  (see 
graphic,  below). 

“Network-layer  security  only  takes  you  so  far. Worms  get  through  open 
ports  in  firewalls  and  masquerade  as  harmless  traffic  —  instant  mes¬ 
saging,  e-mails, ’’says  Jeff  Wilson,  research  director  for  Infonetics.  He  says 


Beyond  VPN 

Key  VPN  competitors  already  have  some  of  the  other 
security  features  NetScreen  is  still  working  on. 

|  Company  SSL  remote  access 

Application  security  | 

Check  Point  ForWeb  applications 

j  Yes 

Cisco  No  (to  announce  this  fall) 

Via  partners 

Nortel  Yes 

-  . 

Via  Check  Point 

customers  will  have  to  wait  for  this  technology  to  be  incorporated  in 
NetScreen  gear  before  it  can  be  evaluated  because  OneSecure  didn’t 
have  much  of  a  track  record  to  judge  by  before  NetScreen  bought  it. 

By  inspecting  packets  more  deeply  than  a  network-layer  firewall, 
application  security  identifies  application  sessions  and  looks  for  illicit 
behavior.  Based  on  user  controlled  policies,  suspect  traffic  can  be 
dropped. 

NetScreen’s  firewall  and  VPN  equipment  ranges  from  hardware  and 
software  with  12G  bit/sec  firewall  throughput  designed  for  data  cen¬ 
ters  to  20M  bit/sec  firewall/VPN  appliances  meant  for  telecommuter 
offices.The  company  last  week  hinted  at  a  variety  of  imminent  prod¬ 
uct  upgrades  during  a  briefing  that  was  long  on  direction  and  short 
on  product  details. 

The  company  will  announce  specifics  about  the  form  its  applica¬ 
tion  security  will  take  by  year-end,  says  Robert  Ma,  senior  director  of 
product  management  and  marketing  for  the  company. 

NetScreen  also  is  looking  to  upgrade  its  GlobalPro  management 
platform  to  make  it  possible  to  grant  different  levels  of  access  to  the 
security  gear.  For  example,  a  security  auditor  would  have  no  need  to 
alter  security  policies,  but  would  need  to  view  what  those  policies 
are,  Ma  says. 

“It  should  let  you  do  what  you  need  to  do  without  letting  you  access 
too  much,”  he  says.  Support  for  role-based  access  will  be  added  with 
a  new  version  of  GlobalPro  later  this  year  that  also  will  include  a  new 
user  interface  to  make  deployment  easier,  he  says. 

NetScreen  still  has  no  firm  plans  for  adding  Secure  Sockets  Layer 
(SSL)  remote-access  capabilities  to  its  gear,  Ma  says.  But  he  acknowl¬ 
edges  that  customers  are  asking  about  it  because  it  is  easier  to  deploy 
and  is  adequate  for  many  remote-access  needs. 

“Customers  definitely  see  a  place  for  both  [IP  Security]  VPNs  and 
SSL  VPNs,”  Ma  says.  And  he  says  SSL  remote  access  is  less  costly  than 
VPN  remote  access.“We  are  definitely  looking  into  it,”  he  says.B 
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M  SEPT.  11  SECOND  ANNIVERSARY  FINDS  MANY  COMPANIES  REMAIN  VULNERABLE 

Disaster-recovery  plans  still  need  work 


■  BY  DENI  CONNOR 

Nearly  two  years  after  the  Sept. 
11  attacks,  many  organizations 
remain  woefully  unprepared  to 
quickly  recover  their  IT  systems 
and  key  business  processes  in  the 
event  of  a  disaster. 

While  interest  in  disaster-recov¬ 
ery  systems  peaked  in  the  imme¬ 
diately  after  the  terrorist  siege,  IT 
managers  acknowledge  they 
have  yet  to  follow  through  on 
many  of  their  intentions.  A  lack  of 

Ready ...  or  not? 

In  a  Harris  Poll  of  52  CEOs 
and  other  executives  at 
FortunelOOO  companies, 

58% 

said  their  organization 
has  disaster 

preparedness  training  for 
employees  who  deal  with 
information  access. 

\ _ / 


funds  has  been  a  big  reason,  but 
other  factors  include  miscommu- 
nication  between  IT  executives 
and  other  top  executives,  and  the 
realization  by  some  companies 
that  their  basic  IT  infrastructures 
needed  shoring  up  first. 

“Since  9/11,  we  have  built  in 
replication  services,  but  don’t 
have  an  off-site  location  yet  to 
replicate  data  to,” says  Rich  Banta, 
senior  enterprise  systems  engi¬ 
neer  for  St.  Vincent  Hospital  and 
Health  Services  in  Indianapolis, 
which  backs  up  data  onsite  and 
stores  tapes  at  another  one.  “We 
plan  to  do  mirroring  over  fiber¬ 
optic  [cables]  in  the  next  six 
months,  although  it’s  not  cheap,” 
he  says,  adding  it  would  cost  of  at 
least  $2,000  a  month  per  mile. 

Maimonides  Medical  Center  in 
New  York  also  cited  financial 
issues  for  stalling  its  advanced 
data  replication  ambitions. 

“After  9/11,  the  government 
made  available  [Federal  Emer¬ 
gency  Management  Agency] 
money  for  hot  sites,”  says  Mark 
Moroses,  senior  director  of  tech¬ 
nical  services  and  security  offi¬ 
cer  at  the  healthcare  organiza¬ 


PeopleSoft  refund  offer 
aims  to  assure  customers 

■  BY  JOHN  COX 

PeopleSoft  took  another  jab  at  Oracle  last  week,  as  part  of  its 
aggressive  defense  against  the  database  giant’s  hostile  takeover  bid. 

PeopleSoft  confirmed  it  will  renew  an  offer  to  pay  customers  two 
to  five  times  their  original  software  license  fees  if  the  company  is 
acquired, and  the  acquirer  —  Oracle  —  decides  to  scrap  the  People- 
Soft  ERP  and  CRM  application  products.  PeopleSoft  originally  made 
the  offer  in  the  second  quarter,  after  Oracle  had  announced  its 
takeover  bid. 

In  its  end-of-quarter  filings  to  the  Securities  and  Exchange 
Commission, PeopleSoft  reported  that  the  cost  of  the  refund  program 
had  reached  $391  million.  The  company  is  making  the  offer  again 
during  this,  its  third,  quarter. 

The  obligations  are  designed  to  make  it  even  more  expensive  for 
Oracle  to  complete  its  hostile  takeover  bid,  which  has  climbed  from 
$5.1  billion,  or  $16  per  share,  in  early  June  to  $7.5  billion,  or  $19.50 
per  share. 

“It  was  an  insurance  policy  [for  our  customers  and  prospects],” 
says  a  FVopleSoft  spokesman  Steve  Swasey. 

The  refunds,  Swasey  says,  would  be  “like  a  debt  or  any  other  liabil¬ 
ity"  and  Oracle  would  inherit  that  liability.  Oracle  had  not  returned  a 
call  requesting  comment. 

Oracle  had  said  it  would  move  PeopleSoft  customers  to  its  own 
products  if  the  merger  were  to  occur.  But  PeopleSoft  customers 
balked  at  that  plan  and  Oracle  backed  away  from  the  idea. 

For  its  pan  Oracle  says  it  doesn't  believe  its  business  plans  would 
trigger  the  refunds.  Oracle  executives  say  PeopleSoft’s  products 
would  be  supported  for  at  least  a  decade  after  the  takeover.  ■ 


Disaster  recovery  to  go 

Here’s  a  checklist  of  items  that  are  key  to  a  good 
disaster-recovery  plan. 

• 

Select  a  coordinatorto  develop  plan  objectives,  a  methodology 
and  an  overview. 

Identify  critical  business  processes  and  systems. 

• 

Formulate  hardware  system  and  end-user  recovery  objectives, 
and  identify  critical  network  operations. 

• 

Assess  threats  —  fire,  environmental  contamination,  physical 
and  software  security. 

• 

Create  a  records-retention  procedure. 

• 

Implement  a  back-up  and  storage  strategy. 

• 

Define  and  test  storage,  back-up  and  application  systems. 

• 

Identify  an  alternate  site  for  end-users  to  work  out  of  and 
contract  with  provisioning  vendors. 

• 

Develop  network  recovery  and  relocation  strategies,  as  well 
as  replacement  options  for  hardware  and  service. 

• 

Implement  a  hot  site. 

© 

Define  teams,  develop  notification  tree,  document  disaster- 
recovery  plan  and  test  plan. 

SOURCE:  STORAGE  CONSULTANCY TOIGO  PRODUCTIONS 
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tion.Then  New  York  state  [gov¬ 
ernment  took  all  the  money 
back]  and  the  governor  reallo¬ 
cated  it  to  the  Port  Authority, 
which  hurt  us. . .  .We  still  rely  on 
a  warm  site  at  Comdisco  that 
can  be  brought  up  in  12  hours.” 

According  to  a  recent  Gartner 
survey,  one  in  three  U.S.  business¬ 
es  would  lose  critical  data  or 
operational  capabilities  if  struck 
by  a  disaster.  Only  one  in  five 
companies  has  hot  sites  where 
people  can  connect  with  their 
most  important  applications, 
according  to  a  recent  Harris  Poll 
of  52  Fortune  1000  company 
executives. 

“The  flurry  of  activity  and  inter¬ 
est  in  disaster-recovery  services 
didn’t  translate  into  a  lot  of  peo¬ 
ple  necessarily  doing  anything 
about  it,”  says  David  Palermo, 
vice  president  of  marketing  for 
SunGard  Availability  Services,  a 
company  with  a  big  stake  in  the 
business-continuity  market.  IDC 
estimates  that  the  business-con¬ 
tinuity  was  a  $27.5  billion  mar¬ 
ket  in  2002. 

Starting  from  scratch 

Many  companies  just  haven’t 
been  in  a  position  to  roll  out  a  dis¬ 
aster-recovery  plans. 

“Businesses  needed  to  clean  up 
some  of  the  basics  before  they 
even  started  to  worry  about  disas¬ 
ter  recover/’ says  George  Symons, 
CTO  of  storage  management  ven¬ 
dor  Legato  System,  which  is  in  the 
process  of  being  acquired  by 
EMC.They  couldn’t  even  recover 
data  locally, so  they  needed  to  get 
that  working  before  they  started 
transitioning  to  other  forms  of  dis¬ 
aster  recovery 

Companies  also  have  needed 
to  prioritize  which  applications 
and  systems  need  to  be  brought 
back  first  in  a  disaster  scenario, 
Symons  says. 

“They  need  to  understand  the 
order  in  which  they  bring  things 
back,  because  they  can’t  support 
all  applications  on  the  same 
level,"  he  says. 

David  Bratt,  technology  archi¬ 
tect  for  H.  Lee  Moffitt  Cancer 
Center  in  Tampa,  Fla.,  agrees. 

“There  are  obviously  certain 
systems  such  as  our  Lawson  ERP 
e-mail  and  Cerner  healthcare 
information  technology  system 
that  have  different  urgencies  than 
others,"  he  says. 

Recovering  applications  from 
tapes  stored  offsite  are  among 


Bratt’s  plans  in  the  event  of  an 
emergency  Replication  technol¬ 
ogy  and  hot  sites,  he  says,  have 
been  put  off  for  another  year. 

Disaster  disconnect 

Also  holding  back  disaster-re¬ 
covery  implementation  is  an  ap¬ 
parent  disconnect  between  what 
CEOs  and  other  chief  executives 
think  is  in  place  and  what  IT 
managers  actually  have  installed. 

“The  business  executive  is  unre¬ 
alistically  optimistic  of  how 
quickly  they  can  recover/  Sun- 
Gard’s  Palermo  says. 

“Pre-9/11,  CEOs  universally 
thought  they  were  protected,  and 
the  CIOs  knew  they  weren’t,” 
Legato’s  Symons  says.  “Post-9/11, 
there  was  a  tremendous  amount 
of  talk  about  how  ‘we’re  going  to 
jump  on  disaster  recovery?  and 
‘budgets  are  not  an  issue.’  Then, 
reality  started  to  set  in." 

In  the  Harris  Boll,  for  instance, 
CEOs  and  other  executives  said 
their  applications  and  data  could 
be  recovered  in  10  hours  in  the 
event  of  a  loss.  IT  managers 
though,  say  it  would  take  as  long 
as  30  hours. 

“That’s  a  20-hour  difference  in 
perception,”  Symons  says.  “In  that 
20  hours  if  a  customer  is  losing 
$400,000  an  hour, that’s  not  a  min¬ 
imal  difference." 

Among  the  biggest  shortcom¬ 
ings  in  existing  disaster-recovery 
plans,  experts  say,  is  that  they  are 


too  focused  on  systems  and  not 
enough  on  the  people  who 
would  use  those  systems. 

“What  really  came  out  on  Sept. 
1 1  was  that  people  were  virtually 
ignored,”  Palermo  says.  “1  don’t 
think  the  major  brokerages  lost 
much  data,  because  it  was  all  sit¬ 
ting  in  New  Jersey  But  for  people 
who  needed  [that  data]  to  do 
their  jobs  and  couldn’t  get  to  [it], 
[disaster  planning]  was  a  bust.” 

Ken  Walters,  senior  IS  director 
for  the  Public  Broadcasting 
Service  in  Alexandria,  Va.,  also 
says  people  can  be  overlooked. 

“You  spend  a  lot  of  time  to  get 
your  systems  up  in  a  couple  of 
days  and  you’ve  called  a  party,  but 
no  one  shows  up,”  says  Walters, 
whose  organization  restores  data 
from  tape  kept  offsite  by  IBM,  but 
does  not  have  a  hot  site  or  remote 
replication  in  place.  “We  need  to 
worry  about  all  the  staff  here  — 
[how  to  provide]  telephones, cof¬ 
fee  pots,  desktop  computers, 
things  like  that,”  he  adds. 

Oftentimes,  a  company’s  em¬ 
ployees  are  untrained  on  what  to 
do,  even  if  there  is  a  disaster- 
recovery  plan  in  place. 

“How  machines  are  main¬ 
tained  and  how  people  are 
going  to  get  access  to  them  is 
what  hit  us  in  the  face,"  H.  Lee 
Moffitt’s  Bratt  says. 

Senior  Editor  Jennifer  Mears 
contributed  to  this  story. 
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■  BY  JOHN  COX 

When  it  comes  to  wireless  net¬ 
working,  Sears  isn’t  choosy 

As  part  of  a  $65  million  project, 
the  retailer  this  year  has  outfitted 
trucks  used  by  its  10,000  service 
technicians  with  a  five-antenna 
dome  that  supports  Global  Po¬ 
sitioning  System  (GPS),  802.11 
wireless  LAN  (WLAN)  and  packet 
data  WAN  services  (see  diagram). 

Each  wireless  technology  plays 
a  different  role  depending  on 
what  the  technician  is  doing,  all 
in  an  effort  to  make  Sears’  field 
force  more  productive  and  help 
the  company  generate  more  rev¬ 
enue  and  turn  bigger  profits.  As  it 
is,  Sears  generates  more  than  $2 
billion  a  year  in  service  revenue. 

The  company  says  the  new 
wireless  system  is  paying  off,  let¬ 
ting  the  company  cut  adminis¬ 
trative  costs  in  half  at  regional 
support  facilities,  partly  by  using 
fewer  call  center  employees. 
There’s  less  need  for  them  be¬ 
cause  technicians  now  have  bet¬ 
ter  access  to  more  data  and  now 
can  solve  more  problems  on 
their  own. 

Sears  is  on  track  to  recoup  the 
initial  investment  costs  in  two  to 
three  years,  according  to  David 
Sankey,  director  of  process  and 
technology  development  for  the 
company’s  Product  Repairs  Ser¬ 
vices  group  in  Chicago. 

In  1995,  Sears  first  equipped  its 
field  force  with  rugged  Itronix 
notebooks  and  wireless  modems 
to  link  them  with  low-bandwidth 
but  reliable  and  pervasive  packet 
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Know-It-All 

■  THIS  WEEK'S  QUESTION: 

What  did  a  Microsoft 
share  cost  when  the 
company  initially  went 
public? 

Answer  this  and  nine  adduona!  questions 
online  and  you  could  wm  $500!  Visit 

Network  World  Fusion  and  enter  2349 

in  the  Search  box. 

www.Rwfiision.com 


Staying  connected 

Sears  is  boosting  employee  productivity  through  access  to  multiple  wireless  networks 
enabled  by  a  five-antenna  dome  situated  on  service  technicians’  trucks. 


GPS  guides  a  technician  to  customer  sites  via  a  laptop  map;  a  second  GPS  link 
provides  an  emergency  alert  capability  by  way  of  a  small  keychain-attached  device. 


WAN  connectivity  is  supported  by  separate 
satellite  and  terrestrial  packet  data  networks, 
which  are  chosen  based  on  location. 


A  technician  can  access  corporate  data  while  in  a  customer’s 

home  by  using  a  laptop  outfitted  with  a  wireless  LAN  card. 

v _ y 


data  networks  such  as  Mobitext. 
The  focus  then  was  on  cutting 
back-office  administration  costs 
by  eliminating  paperwork  and 
manual  entry  errors,  and  improv¬ 
ing  dispatching. 

“We  did  achieve  the  efficiencies 
we  wanted,”  Sankey  says.  “There 
was  a  two-and-a-half-year  pay¬ 
back,  which  was  very  consistent 
with  our  original  goals.”  Sankey 
declined  to  be  more  specific 
about  back-office  savings,  citing 
company  policy 

The  new  system  is  focused  on 
making  the  field-service  staff 
more  efficient. For  example, a  GPS 
connection  to  the  pedestal- 
mounted  laptop  in  a  truck  shows 
the  vehicle’s  location  and  direc¬ 
tions.  So  less  time  is  lost  trying  to 
get  to  a  customer’s  home. 

A  new,  20G-byte  imaging  library 
on  the  laptops,  with  a  specially 
designed  GUI  for  easy  navigation, 
is  designed  to  help  technicians 
diagnose  problems  more  quickly. 
Another  goal  is  to  make  ordering 
parts  more  accurate. According  to 
Sankey  ordering  the  wrong  part  is 
a  costly  mistake:  “Reverse  parts 
flow;"  as  it’s  called,  means  han¬ 
dling  the  item  multiple  times, 
restocking  and  processing  paper. 

The  new  system  was  created 
with  two  partners,  Itronix,  which 
offers  a  line  of  rugged  computers 
and  systems  integration  services, 


and  Wireless  Matrix,  a  systems 
integrator  that  offers  a  wireless 
gateway  to  link  enterprise  appli¬ 
cations  with  mobile  workforces. 

The  truck-mounted  dome,  de¬ 
signed  by  Wireless  Matrix,  uses 
five  wireless  technologies. 

One  is  an  802.11b  WLAN.  A 
technician  can  carry  a  laptop 
along  with  his  toolbox  into  the 
customer’s  basement  or  laundry 
room,  using  the  WLAN  to  connect 
to  the  WAN  via  the  communica¬ 
tions  dome. 

There  are  two  WAN  options  to 
ensure  connectivity  almost  100% 
of  the  time.  One  is  for  a  tradition¬ 
al  terrestrial  packet  data  net¬ 
work,  such  as  the  Mobitext  net¬ 
work.  “These  terrestrial  packet 
nets  are  still  just  data,  with  very 
high  reliability,  and  low  latency’ 
Sankey  says. 

The  second  WAN  option,  when 
the  first  is  not  available,  is  the 
more  expensive  satellite  packet- 
data  network.  A  signal-strength 
meter  triggers  a  switch  from  one 
to  the  other  depending  on  which 
signal  is  better.  The  arrangement 
gives  nearly  universal  coverage 
while  minimizing  expensive  satel¬ 
lite  charges. 

Two  other  antennas  work  with  a 
GPS.  One  is  used  to  feed  a  GPS 
signal  to  mapping  software  on  a 
laptop.  The  second  antenna,  not 
yet  activated,  will  use  a  backfeed 


Sears  location 


channel  on  the  GPS  signal,  pass¬ 
ing  it  to  a  transceiver  in  a  small 
device  that  slips  onto  a  techni¬ 
cian’s  key  chain.  A  button  can 
send  an  emergency  signal  that 
will  show  the  wearer’s  location. 

Next  up  for  Sears  is  rolling  out 
redesigned  service-order  man¬ 
agement  software.  Besides  offer¬ 
ing  a  new  user  interface,  the 
application  will  automate  many 
parts  of  a  complex  process. 

Part  of  Sears’  business  is  in- 
home  servicing  of  products  for 
other  companies:  Each  contract 
has  different  terms  of  services, 
covers  different  products  and 
stipulates  different  maximum 
repair  costs. 

“There  are  literally  hundreds  of 
possible  combinations  on  how  to 
close  a  service  call,”  Sankey  says. 
“We  built  ail  this  into  the  software, 
with  exception  tables, data  valida¬ 
tion  and  so  on.” 

Another  pending  change  is  new 
software  that  introduces  a  set  of 
CRM  features.Technicians  will  be 
able  to  review  repair  histories  of  a 
stove  or  washing  machine  with 
the  customers,  update  them  on 
new  products  and  make  them 
aware  of  current  promotions.* 
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DB2  Information  Management  Soft’ 


See  disparate  data  united. 

See  old  and  new  become  one. 
See  bits  of  data  become  insight 


Introducing  IBM  DB2  Information  Integrator  -  the  brand-new  software  that  turns  everything  in  its  path  into 
insight  and  opportunity:  rows  and  columns,  video  and  e-mail,  audio  and  Web.  It  works  wherever  your 
data  lives:  Oracle,  Microsoft  or  IBM.  It  works  in  real  time,  across  platforms:  Linux,  Windows',  UNIX.  Insight 
is  yours.  On  demand.  Faster  than  ever.  For  a  DB2  Information  Integrator  Kit,  visit  ibm.com/db2/integrate 

■(('•business  on  demand  software 


IBM  DB?.  the  o  business  logo  and  <* -business  on  demand  ;ire  registered  trademarks  or  Itndornarks  ol  lnlomnlion.il  Business  Machines  Corporation  iri  fheUnitOd  Stales  and/or  other 
countries  Ijiuix  is  .1  registered  tiademark  ol  l  inns  lor  voids  Microsoft  and  Windows  me  registered  trademaiks  ol  Microsoft  Corporation  in  the.*  United  Slates  and/or  6fh6r  countries, 
UNIX  is  a  legislated  I1.1de1n.11k  ol  Mm;  Q|»eii  Gioup  in  the  United  Stales  and/01  oilier  count  lies  Ollier  company,  product  and  service  flames  may  be  trademarks  or  jsoMty  riintkf*  of  others 
IBM  Cor poialion  All  lights  reserved.  /  ■  .  #  . 
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Netgear  router  quirk  perturbs  college 


Wisconsin's  ping  headache 

Some  brands  of  Netgear’s  consumer  routers  were 
programmed  to  ping  the  University  of  Wisconsin, 
Madison’s  NTP  servers,  causing  problems  for  the  school’s 
network. 

O  A  Netgear  home  router  goes  offline,  or  is  installed  for  the  first  time, 
requiring  a  reset  of  its  internal  clock. 

©  The  router’s  software  is 
written  to  ping  an  NTP 
server  run  by  the  University 
of  Wisconsin,  Madison,  until 
it  gets  a  time  response. 

0  With  more  than  100,000  Netgear  home  routers  installed,  UW  Madison’s  NTP  server 
became  flooded  by  NTP  pings. 
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■  BY  PHIL  HOCHMUTH 

If  you  own  a  Netgear  router, 
Annie  Stunden  would  like  you  to 
stop  pinging  her  network. 

The  University  of  Wisconsin, 
Madison’s  CIO  says  that  a  soft¬ 
ware  glitch  in  some  Netgear  pro¬ 
ducts  has  the  routers  bombard¬ 
ing  the  school’s  publicly  accessi¬ 
ble  Network  Time  Protocol  (NTP) 
server  to  update  network  time 
and  date.  Such  data  is  important 
for  routers,  because  they  generate 
a  variety  of  time-sensitive  logs. 

Several  versions  of  Netgear’s 
consumer  routers  —  models 
RP614,  DG814,  MR814  and  HR314 
—  were  shipped  with  code  that 
has  the  devices  pinging  UW’s  NTP 
server  to  set  their  internal  clocks. 
The  pinging  can  be  triggered 
when  the  router  goes  offline,  is 
unplugged  or  is  reset,  usually 
without  the  knowledge  of  the 
product’s  owner.  If  the  NTP  is  un¬ 
available,  the  router  will  continue 
pinging  the  device  until  it 
answers. 

As  a  large  public  institution,  the 
university  is  used  to  seeing  its 
share  of  hacker  activity  Napster- 
like  file  swapping,  and  other 
bandwidth  abuses  from  outside 


and  within.  But  in  May,  UW  net¬ 
work  staff  noticed  an  unusual 
amount  of  traffic  hitting  its  NTP 
server,  which  it  runs  as  a  public 
service  over  the  Internet,  as  do 
many  other  institutions  with  a 
large  Internet  presence. 

“It  was  sort  of  a  complex  situa¬ 
tion,”  Stunden  says.  “We  found  a 
lot  of  network  traffic  coming  in  a 
couple  of  months  ago,  looking 
like  a  denial-of-service  attack  on 
our  network. We  said, ‘what’s  bang¬ 
ing  at  us,’  and  when  we  looked 
into  it,  we  found  it  was  a  very  spe¬ 
cific  kind  of  traffic, coming  from  a 
specific  kind  of  Netgear  router” 

One  solution  might  have  been 
to  take  the  NTP  server  offline,  or 
move  it  to  another  IP  address, 
Stunden  says,  but  the  Netgear 
routers  were  pinging  a  whole  sub¬ 
range  of  addresses.  “It  would  not 
have  done  any  good,”  she  says. 
“Those  Netgear  routers  would  still 
come  here.  The  only  other  solu¬ 
tion  would  be  to  shut  down  a 
whole  Class  A  address  that  we 
use,  and  that’s  not  practical.” 

The  method  of  programming 
routers  to  ping  public  NTP 
servers  to  set  their  clock  time  is 
common  in  the  industry,  says 
Leslie  Adams,  vice  president  of 


marketing  for  Netgear.  Most  NTP 
implementations  on  routers  ping 
multiple  sites  in  a  random  order. 

“It’s  just  a  matter  of  making  sure 
your  products  don’t  ping  the 
same  server  all  the  time,”  Adams 
says.  She  doesn’t  know  why 
Wisconsin’s  NTP  server  IP  address 


was  programmed  into  the  af¬ 
fected  routers.The  products  were 
developed  by  Netgear  engineers 
and  some  OEM  partners. 

Netgear  developed  a  firmware 
upgrade  that  fixes  the  problem 
and  put  it  on  the  Web  site.  Al¬ 
though  Netgear  users  would  not 


know  to  apply  the  patch,  because 
the  NTP  ping  flaw  does  not  affect 
performance  or  cause  errors. 

“Since  customers  don’t  know 
about  the  [bug],  this  could  still 
pose  a  problem  for  the  university 
Adams  says.  “We’re  expecting  the 
firmware  upgrade  process  to  take 
some  time.” 

UW  and  Netgear  are  uniting  to 
solve  the  problem.  In  addition  to 
posting  its  router  patch  and  send¬ 
ing  an  e-mail  notice  to  registered 
customers,  the  vendor  also  is 
helping  the  university  handle  its 
NTP  traffic  flow. 

“Financially  they’re  helping  us 
out,”  UW’s  Stunden  says,  as  Net- 
gear  is  working  with  the  school  to 
pay  for  new  server  hardware  to 
handle  the  influx  of  traffic  its 
products  are  creating.  Netgear 
also  is  giving  network  engineer¬ 
ing  and  programming  assistance 
to  UW  to  get  the  new  NTP  infra¬ 
structure  up  and  running. 

“More  products  are  using  fea¬ 
tures  that  require  constant  inter¬ 
action  with  the  Internet,”  Adams 
says.That  could  seem  like  a  non¬ 
issue  on  a  small  scale,  but  if  you 
have  a  huge  installed  base  of 
these  products,  unexpected 
issues  like  this  one  can  arise.”  ■ 


IBM  cuts  mainframe  software/hardware  pricing 


Main  attraction 

IBM  hopes  revamped  pricing  will  help  attract  customers 
to  its  mainframe  products. 

Memory:  List  price  is  now  $10,000  per  gigabyte.  In  the  past,  pricing 
was  customized  but  landed  around  $20,000  per  gigabyte  and  up. 

Specialized  Linux  processor  engine  [Integrated  Facility  for 
Linux]:  List  price  is  now  $125,000  per  engine  across  the  zSeries 
line.  In  the  past,  IFL  prices  varied  depending  on  model.  For  example, 
a  z900  IFL  costing  between  $180,000  and  $200,000. 

Application  license  fee  for  z/OS:  Beginning  in  October,  the  z/OS 
new  application  license  charge  will  be  $36  per  millions  of  service 
units  (MSU),  which  is  how  IBM  prices  software  on  the  mainframe. 
In  the  past,  z/OS  applications  were  priced  at  $191  per  MSU. 


■  BY  JENNIFER  MEARS 

IBM  is  reducing  hardware 
and  software  costs  by  as 
much  as  80%  with  an  eye 
toward  making  it  easier  for 
businesses  to  buy  and  deploy 
big  iron. 

IBM  says  it  hopes  the  pric¬ 
ing  moves  —  which  create  set 
list  prices  for  mainframes  and 
related  software  that  typically 
are  sold  on  a  customized  and 
sometimes  complex  basis  — 
will  encourage  users  to  buy 
its  newest,  largest  mainframe. 

IBM  is  looking  for  customers 
to  use  its  new  mainframes  to 
support  Web  applications  and  act  as  a 
cornerstone  for  on-demand  computing 
initiatives. 

The  revamped  pricing  includes  cuts  in 
the  hardware  costs,  including  memory, 
as  well  as  for  software  licenses  (see 
graphic)  for  applications  such  as 
SAP  and  Siebel  running  on  the  z/OS 
operating  system.  In  addition  to  the 
price  reductions,  IBM  announced  an 
updated  base  configuration  for  the 
z990,  its  most  powerful  mainframe, 


which  will  double  memory  to  16G  bytes 
without  a  price  increase. 

“IBM  is  saying, ’Look,  this  is  something 
we’re  well-known  for.  We’ve  helped  this 
thing  continue  to  evolve,  and  we’re  plan¬ 
ning  on  continuing  to  develop  the  main¬ 
frame  platform  for  the  foreseeable 
future.  And  by  the  way,  we’re  pricing  this 
stuff  so  that  if  you  thought  you  couldn’t 
afford  it  before,  you  need  to  take  an¬ 
other  look,’"  says  Charles  King,  a 
research  director  at  Sageza. 


Further,  IBM  plans  to  ex¬ 
pand  the  on/off  capacity 
on-demand  features  — 
which  let  users  temporar¬ 
ily  activate  and  deactivate 
computing  power  —  in  the 
mainframe  to  include  Li¬ 
nux  processor  engines. 
When  the  z990  was 
launched  in  May,  the  on- 
demand  feature  was  avail¬ 
able  only  for  general-pur¬ 
pose  processor  engines. 
An  on/off  capacity  on  de¬ 
mand  software  option  also 
is  expected  to  be  available 
this  month,  when  the  prod¬ 
uct  is  set  the  ship. 

The  idea  is  to  get  customers  to 
make  broader  use  of  mainframes  in  the 
data  center  by,  for  example,  moving 
Web-based  applications  such  as  Siebel 
and  SAP  onto  the  mainframe  rather 
than  running  them  on  Unix  boxes  from 
HP  or  Sun. 

Bob  Massengill,  manager  of  technical 
services  at  Wake  Forest  University 
Baptist  Medical  Center  in  Winston- 
Salem,  N.C.,  says  he  is  pleased  with  the 
price  cuts  IBM  is  offering,  but  says  the 


mainframe  in  his  data  center  runs  only 
legacy  applications. 

“We  have  not  really  investigated  much 
into  Web-based  applications,"  he  says.“We 
are  looking  and  playing  with  Linux  on  the 
mainframe  though,  but  not  sure  yet  how 
far  tfiat  is  going  to  go.” 

Gartner  analysts  state  in  a  recent 
research  note  on  IBM’s  mainframe  strate¬ 
gy  that  the  changes  “suggest  that  IBM  may 
be  a  bit  nervous  that  the  z990  will  not  give 
it  the  sustained  revenue  boost  it  would 
like  heading  into  the  fourth  quarter  of  fis¬ 
cal  2003." 

To  further  entice  customers,  IBM  offers  a 
rebate  on  the  z990. 

“Our  objective  is  to  free  up  funds.... Cus¬ 
tomers’  budgets  aren’t  growing,  and  they 
need  to  find  ways  to  free  up  funds  to 
invest  in  other  areas,”  says  Peter 
McCaffrey,  product  manager  for  IBM 
eServer  zSeries. 

“With  this  promotional  offering  they 
buy  a  z990  —  we’re  encouraging  the  z990 
as  the  centerpiece  of  the  on-demand 
infrastructure  —  and  provide  a  rebate 
credit  that  can  be  applied  to  a  host  of  dif¬ 
ferent  on-demand  technologies  like  our 
WebSphere  products,  like  our  Blade- 
Center  technologies,  like  our  services.- ■ 
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Spirit  of  Service '" 

VOICE  SOLUTIONS.  , 

To  find  out  how  we  can  put  the  Spirit  of  Service  to  work  for  you, 

visit  us  at  qwest.com/bizspirit  or  call  us  at  1  800-506-0663.  internet  solutions 


MANAGED  SOLUTIONS,  v 


REI  WORKS  WITH  QWEST 

Cutting-edge  technology  is  vital  to  winning  new  business,  but  it’s  only  half  of  the  package.  You  need  great  people  and 
great  service  to  make  it  all  come  together.  That’s  what  we  believe  at  Qwest,®  and  we  prove  it  every  day  to  companies 
like  Recreational  Equipment,  Inc.  When  they  said  “no  downtime,”  Qwest  listened  and  delivered.  We  implemented  a 
complete  Dedicated  Internet  Access  solution  for  REI,1”  beating  their  delivery  date  by  two  weeks.  With  this  service  up  > 

and  running,  REI’s  Internet  sales  continue  to  see  double-digit  growth  year  over  year.  Their  success  is  our  success.  It’s  $ 

a  relationship  that  continues  to  this  day.  It’s  our  Spirit  of  Service  ”  commitment.  And  it’s  what  sets  us  apart.  | 


Qwest  DIA  is  available  throughout  the  United  States  Qwest  DIA  service  also  provides  high-speed  Internet  access  to  more  than  240  major  cities  in  19  European  countries.  However,  customers  in  the  states  of  AZ,  CO,  IA,  ID,  MN.  MT,  ND,  NE,  NM,  OR.  SO,  UT,  WA  and  WY  v.ili '  :v 
their  Qwest  Internet  services  provided  in  conjunction  with  a  separate  Global  Service  Provider  (GSP).  This  provider  will  supply  customers  with  connectivity  to  the  global  Internet.  When  Qwest  receives  regulatory  relief,  it  will  offer  this  service  without  the  use  of  a  GSP 
©2003  Qwest  Communications  International  Inc. 


mm. 


FITTER 


Janie  Scarborough,  Global  Account  Manager,  Qwest  Communications 
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Shifting  sands 

Analysts  see  a  move  toward  industry-standard  x86-based  systems. 
Here  are  some  things  to  think  about  when  making  strategic  decisions 
in  your  data  center: 

Analyze  this.  Figure  out  which  of  your  applications  can  run  on  which  operating  sys¬ 
tems  and  keep  an  eye  on  Intel's  CPU  road  map  and  vendor  plans  for  Intel-based  systems. 

Soft  touch.  Know  the  plans  of  your  key  software  providers  and  what  hardware  and 
software  platforms  they're  planning  to  support. 

Convert  it.  Research  conversion  tools  and  professional  service  offerings  for  Unix- 
to-Linux  migrations. 

Fresh  perspective.  Look  for  projects  that  can  be  launched  on  new  Intel  platforms. 

Get  the  edge.  Use  the  potential  for  migration  as  a  negotiating  tool  with  your  current 
vendor. 

Easy  does  it.  Don’t  rush  to  migrate.  Use  incremental  opportunities  for  new  projects 
and  technology  refresh  as  they  occur. 

Use  your  head.  Do  an  economic  analysis  of  the  migration  vs.  the  existing  environment, 
including  a  refresh  with  newer,  lower-priced  hardware  running  compatible  software 
before  you  decide  to  move. 

SOURCE:  GIGA  INFORMATION  GROUP 
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Servers 

continued  from  page  1 

The  spinoff  discovered  that  multiple  pro¬ 
prietary  systems  from  companies  such  as 
Compaq  and  Sun  were  draining  support 
and  maintenance  resources. 

“We  didn’t  have  a  staff  that  could  support 
so  many  platforms,”  says  Todd  Nelson,  vice 
president  of  global  IT  at  Goodrich  spinoff 
Noveon  in  Cleveland. “So  we  did  an  infra¬ 
structure  road  map  last  year  to  figure  out 
where  do  we  want  to  be  and  how  are  we 
going  to  get  there.  We  created  a  road  map 
of  standardization,  server  consolidation 
and  bringing  [database]  servers  under 
control.” 

That  meant  scrapping  the  proprietary 
RISC-based  servers  and  moving  onto  Intel- 
based  servers  from  Dell. 

Analysts  expect  more  businesses  to  make 
similar  shifts  as  the  performance  of  x86- 
based  servers,  which  run  on  industry-stan¬ 
dard  chips  from  Intel  and  Advanced  Micro 
Devices  (AMD),  improves.  This  can  offer 
stepped-up  processing  power  and  scalabil¬ 
ity  at  prices  below  RISC-based  boxes. 

Today,  more  than  90%  of  servers  that  cost 
$25,000  or  less  are  based  on  Intel  chips, 
and  analysts  expect  Intel  also  to  become 
more  widely  used  in  midrange  servers. 
Giga  Information  Group  predicts  that  with¬ 
in  five  years,  Intel-based  platforms  running 
Linux  and  Microsoft  operating  systems  will 
“take  at  least  half  of  the  market  share  cur¬ 
rently  owned  by  RISC/Unix.” 

A  number  of  factors  are  helping  push  the 
trend,  not  the  least  of  which  is  the  tough 
economy  that  is  forcing  companies  to 
look  for  ways  to  save  money  while  main¬ 
taining  performance.  Intel  is  feeding  into 
that  desire  by  investing  heavily  in  its  chips, 
and  earlier  this  summer  rolled  out  new 
and  improved  Xeon  MP  and  Itanium  2 
processors. 

In  addition, operating  systems  from  Linux 
and  Microsoft,  which  run  on  x86,  continue 
to  mature  and  virtualization  software  for 
Intel-based  machines  from  companies 
such  as  VMware  increases  the  flexibility  of 
Intel-based  boxes. 

Further,  a  wider  array  of  applications  that 
are  available  for  x86  vs.  proprietary  sys¬ 
tems,  and  the  fact  that  competition  is  push¬ 
ing  prices  of  x86  servers  down  and  their 
performance  and  scalability  up  makes 
them  an  increasingly  viable  option. 

“If  Intel-based  systems  continue  to  im¬ 
prove  as  rapidly  as  we  expect,  then  by 
2005  the  only  niche  left  for  the  RISC-based 
systems  where  they  will  enjoy  a  perfor¬ 
mance  advantage  is  the  extreme  high-per¬ 


formance  fringe  —  a  market  for  at  most 
several  thousand  systems  a  year,”  analysts 
at  Giga  wrote  in  a  report  last  year  in 
which  they  predicted  a  move  toward 
Intel-based  boxes. 

Market  share  shifting 

Server  shipments  reflect  the  expected 
shift,  with  Unix/RISC-based  server  ship¬ 
ments  dropping  as  the  number  of  Intel- 
based  boxes  sold  rises.  According  to  IDC, 
spending  on  x86  servers  represented  37% 
of  the  market  in  2001,  but  accounted  for 
44%  of  spending  in  the  first  quarter  of  this 
year.  About  half  of  all  money  spent  on 
servers  in  2001  went  for  RISC-based  boxes, 
which  accounted  for  just  43%  of  spending 
in  the  first  quarter  of  2003. 

“X86,  or  industry-standard  servers  based 
on  Intel  or  AMD  [chips],  have  been  gaining 
in  the  last  couple  of  years,”  says  Mark 
Melenovsky,  research  director  for  IDC’s 
global  enterprise  server  solutions  and 
Internet  infrastructure  hardware  programs. 

He  says  in  today’s  economy  companies 
might  be  reluctant  to  migrate  from  existing 
platforms  because  of  costs  associated  with 
such  moves.  IDC  has  consulted  with  users 
looking  to  move  off  proprietary  systems 
onto  standard  platforms,  but  Melenovsky 
wouldn’t  say  what  kinds  of  costs  are 
involved,  only  that  costs  are  variable. 

“There  are  a  lot  of  upfront  costs  associat¬ 
ed  with  migrating  from  one  server  platform 
to  another:  all  your  applications  and  ser¬ 
vices  and  training  that  go  along  with  that,” 


he  says.  “But  we’re  anticipating  that  when 
spending  picks  up  in  the  market,  we’ll  start 
seeing  more  growth  in  industry-standard 
server  platforms.” 

Not  that  some  companies  aren’t  making 
the  move  today  Noveon,  for  example, 
decided  that  maintaining  an  infrastruc¬ 
ture  of  “mismatched  boxes”  would  be 
more  costly  than  making  the  migration  to 
standardize. 

“[The  migration]  is  definitely  not  inex¬ 
pensive  . . .  but  we  needed  to  right  our  infra¬ 
structure  foundation  and  make  sure  that 
we  were  running  on  a  platform  that  we 
could  support  and  manage  and  keep  our 
costs  down,”  Noveon’s  Nelson  says. 

Nelson  wouldn’t  specify  how  much  the 
move  is  costing  upfront,  but  says  he  ex¬ 
pects  to  slash  hardware  costs  by  about  20% 
once  the  migration  is  complete  next  year. 

NYFIX,  a  financial  trading  systems  com¬ 
pany,  isn’t  yet  ready  to  rip  out  its  Sun-based 
infrastructure,  but  it’s  deploying  new  appli¬ 
cations  on  Intel-based  blades  from  IBM. 

John  Knuff.vice  president  of  network  en¬ 
gineering  for  the  firm  in  Stamford,  Conn., 
says  he  expects  to  cut  hardware  costs  in 
half  and  improve  performance  by  running 
a  new  client-facing  application  on  the 
industry-standard  IBM  hardware  rather 
than  on  proprietary  Sun  systems. 

“Instead  of  putting  customers  on  a  small 
number  of  Sun  platforms,  we  decided  to 
give  each  client  a  pair  of  servers  that  are 
dedicated  on  a  client-by-client  basis,”  he 
says.  “With  IBM  blades  running  Linux  it 
made  it  a  very  cost-effective  move.” 

The  price/performance  benefits  of  the 
industry-standard  x86  systems  are  a  big 
draw.  And  it’s  a  trend  that  vendors  are  see¬ 
ing  all  too  clearly.  Sun  saw  computer  sys¬ 
tems  revenue  drop  16%  this  fiscal  year  in 
large  part  because  of  declines  in  the  Unix 
market. This  spring  it  rolled  out  two  Intel- 
based  servers  with  the  hope  that  it  could 
fill  out  its  product  offerings  to  attract  cus¬ 
tomers  looking  for  industry-standard 
systems. 
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Even  HPwhich  has  laid  out  plans  to  scrap 
its  proprietary  PA-RISC  and  Alpha  systems 
in  favor  of  Intel-based  products,  took  a  hit 
in  its  midrange  and  low-end  Unix  server 
business  in  its  third  quarter  as  users  gravi¬ 
tated  to  lower-priced  industry-standard 
servers. 

“The  flexibility  and  performance  of 
servers  based  on  industry-standard  proces¬ 
sors  like  Xeon  and  Itanium  have  really 
forced  the  suppliers  of  proprietary  prod¬ 
ucts  to  lower  their  prices,  and  in  many 
cases  even  lowering  their  prices  hasn’t 
helped,” says  Nathan  Brookwood,  principal 
analyst  at  Insight64. 

No  commitments 

A  key  benefit  of  industry  standard, or  x86- 
based, systems,  he  says,  is  that  users  are  not 
committed  to  a  specific  vendor,  nor  are 
they  limited  in  their  choice  of  operating 
systems  or  applications. 

“With  any  of  the  product  lines  built  on 
proprietary  processors  —  Sun  SPARC,  IBM 
Power,  HP  PA-RISC  and  Alpha  —  once  the 
customer  made  the  decision  to  use  sys¬ 
tems  based  on  those  chips,  then  the  cus¬ 
tomer  was  virtually  locked  into  that  suppli¬ 
er]’  Brookwood  says.  “And  fundamentally, 
the  choice  of  a  processor  locked  you  into 
the  choice  of  an  operating  system  — 
Solaris,  AIX  or  HP-UX  —  and  a  vendor. . . . 
Also,  the  range  of  software  choices  tended 
to  be  more  constrained.” 

That’s  a  primary  reason  why  hospitality 
and  food-service  firm  Delaware  North  is 
looking  to  bring  in  HP’s  Integrity 
Superdome  servers,  powered  by  Itanium 
processors. 

“HP-UX,  Windows  and  Linux  can  run  on 
that  Itanium  processor.  No  question  about 
that:  It’s  the  flexibility  we  want,”  says  David 
Meacham,  director  of  IT  at  the  Buffalo,  N.Y 
company 

Delaware  North  learned  about  the  inflex¬ 
ibility  of  proprietary  systems  when  its  reser¬ 
vations  application  vendor  switched  from 
AIX  to  Windows  NT,  Meacham  says. 

“What  did  that  do  to  us?  Well,  we  had  to 
deploy  all  new  servers,  go  through  all  the 
training,  and  now  1  have  a  bunch  of  AIX 
boxes  that  aren’t  that  old  sitting  all  over  the 
place,”  he  says. 

In  the  end,  the  move  to  standard  systems 
will  result  in  more  flexibility  in  corporate 
data  centers,  analysts  say 

“When  you  get  right  down  to  it  1  think 
what  the  x86  and  for  that  matter  the  Linux 
movement  are  all  about  is  giving  cus¬ 
tomers  more  choices,"  Brookwood  says.  ■ 
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Finally,  a  company  that  talks  big  and 
works  bigger.  A  company  that  talks  ROI 
and  actually  delivers.  A  company  that 
provides  real  business  value  you  can 
measure.  A  network  solutions  and 
services  provider  called  NextiraOne. 


At  NextiraOne,  we  bring  clarity  to  your 
.complex  communications  networks. 

Planning,  designing,  implementing, 
supporting  and  managing.  For  voice, 
data  and  converged  infrastructures. 

In  the  United  States  or  around  the 
world.  You  name  it,  we  do  it  -  with 
world-class  results. 

»  * 

www.NextiraOne.com  (888)  398-0547 


It  ain’t  braggin’ 
if  you  can  do  it. 
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PROFILE: 


COVISINT 

Founded: 

2000 

Founders: 

DaimlerChrysler,  Ford,  GM  and  Renault- 
Nissan. 

Mission: 

To  be  the  shared  business-to-business 
exchange  for  automakers  and  their  suppliers. 

Services  offered: 

Online  auction  bidding  began  in  2001;  the  first 
hosted  application  came  online  last  year. 

Current  users: 

150,000 

Core 

technologies: 

IBM  WebSphere,  Oracle  database,  RSA 
Security's  ClearTrust  access  control,  hosted 
at  server  farm  at  Cable  &  Wireless  in  Chicago. 

Covisint 

continued  from  page  1 

company  said  it  expects  Covisint 
to  support  its  most  important 
XML-based  priority-messaging 
and  document  delivery  service. 

This  is  a  significant  change  from 
Covisint’s  current  role  as  an 
online  catalog  and  auction  house 
for  almost  100,000  registered  trad¬ 
ing  partners,  and  more  in  keeping 
with  the  grand  vision  laid  out 
when  Covisint  was  announced 
in  2000. 

While  it’s  taken  time  to  rev  up 
the  engine,  Covisint  is  now  bring¬ 
ing  in  about  $60  million  in  fees 
and  expects  to  be  profitable  next 
year,  said  Brad  Pfeiffer,  client  rela¬ 
tionship  director  to  Ford.  “We’re 
just  going  to  focus  now  on  what 
we  were  founded  to  do  —  pro¬ 
vide  an  industry  portal  and  the 
messaging  piece,”  he  said. 

Even  though  the  Big  Three  con¬ 
tinue  to  bicker  about  some 
things,  such  as  the  use  of  XML, 
they  say  Covisint  is  now  central  to 
their  e-commerce  strategies  with 
suppliers.  Each  car  company  is 
making  more  business  applica¬ 
tions  available  through  the  Covi¬ 
sint  portal. 

“We  want  to  drive  Covisint  as 
the  single  source  of  entry”  for 
parts  suppliers,  Greg  Wise,  manag¬ 
er  of  business-to-business  and 
portal  management  at  Daimler 
Chrysler  told  the  audience  of 
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vehicle-parts  manufacturers  at 
Auto-Tech. 

He  said  Europe  is  moving  more 
slowly  in  making  applications 
available  via  Covisint,  requiring 
suppliers  to  physically  sign  legal 
documents  such  as  confidential¬ 
ity  agreements  to  use  Covisint. 
U.S.-based  operations  are  content 
to  just  click  on  a  Web-based  form 
to  indicate  agreement. 

But  Wise  said  all  Daimler- 
Chrysler  parts  manufacturers  will 
be  included  in  a  new  Global 
Supplier  Directory  on  Covisint. 
Suppliers  typically  buy  manufac¬ 
tured  goods  from  other  suppliers 
to  incorporate  into  what  they  sell 
to  DaimlerChrysler,  so  that  could 
help  suppliers  locate  each  other 
to  do  business  around  the  globe. 


One  advantage  for  suppliers 
making  the  mandatory  switch  to 
Covisint,  Wise  noted,  is  that  Co¬ 
visint  can  offer  them  each  a  single 
sign-on  ID.  This  will  let  each  user 
gain  access  to  up  to  150  applica¬ 
tions  via  only  one  ID  logon. 

“There’s  a  huge  inefficiency  for 
suppliers  that  have  30  passwords 
and  IDs,”  but  that’s  what  Covisint 
and  many  other  portals  have 
required,  said  Dave  Miller,  Co¬ 
visint  CSO.  To  address  the  prob¬ 
lem,  Covisint  has  introduced  a 
federated  logon  system  to  make  it 
possible  for  suppliers  to  use  one 
ID  for  multiple  applications. 

To  get  the  new  federated  logon 
for  employees, each  supplier  will 
need  to  name  a  security  officer 
as  the  key  Covisint  contact.  Covi¬ 


sint  will  hand  off  the  requests  to 
the  appropriate  security  admin¬ 
istrators  at  the  automakers,  who 
will  route  the  request  to  the  divi¬ 
sion  that  owns  the  desired 
application. 

If  granted,  the  security  officer 
will  inform  Covisint  to  allow 
access  to  the  applications  via  a 
federated  ID,  which  will  be  done 
using  the  RSA  ClearTrust  access 
control  software  Covisint  uses  to 
authorize  access  to  the  portal 
(the  portal  is  based  on  IBM 
WebSphere). 

The  secure  sharing  of  security 
credentials  between  supplier, 
automaker  and  Covisint  requires 
use  of  a  new  type  of  client  en¬ 
cryption-based  software,  Miller 
said.  Covisint,  as  a  backer  of  the 
Liberty  Alliance  standard  called 
Security  Assertions  Markup  Lan¬ 
guage,  has  written  its  own  XML- 
based  code  based  on  SAML. 
ClearTrust  1.5  will  be  officially 
SAML-ready  this  fall,  Miller  said. 

Miller  acknowledged  there  is 
complexity  in  the  whole  scheme, 
and  experience  will  show  how 
well  the  model  works. 

Ford's  better  idea 

Ford  is  looking  at  Covisint  as 
a  way  to  allow  transfer  of  EDI 
documents  for  purchasing  and 
shipping,  says  Tim  Thomasma, 
Ford’s  enterprise  infrastructure 
architect. 

Suppliers  currently  send  EDI 
documents  three  ways:  as  IP- 
based  file  transfers  over  a  private 
VPN  network  called  the  ANX;  by 
posting  them  to  a  Web-based  Ford 
site;  or  via  EDI  value-added  net¬ 
works  (VAN). 

“But  there’s  been  a  quality-of- 
service  problem  with  various 
VANs,”  Thomasma  says.  Ford  now 
will  only  allow  use  of  the  ANX 
Velocity  service,  or  VANs  run  by 
GE  Information  Services,  IBM  and 
Sterling  Commerce.  Covisint  will 
be  added  as  a  Ford-recognized 
VAN  in  November  based  on  test¬ 
ing  now  being  done. 

A  big  proponent  of  Web  ser¬ 
vices  as  defined  by  the  World 
Wide  Web  Consortium  and  a 
second  group  known  as  Web 
Services  Interoperability  Organ¬ 
ization,  Ford  would  prefer  that 
suppliers  start  using  the  format- 
neutral  XML  rather  than  the 
decades-old  EDI  technologies 
for  sharing  business  documents. 
Sharing  of  XML-based  files  with 
Ford  also  will  be  possible 
this  fall  through  Covisint,  Tho¬ 
masma  added. 

Driving  toward  XML  messaging 

GM  remains  content  to  use  its 
Supply  Fbwer  business-to-business 
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exchange  based  on  portal  soft¬ 
ware  from  ATG  and  access-con¬ 
trol  security  in  the  form  of  IBM’s 
Tivoli  FblicyDirector.SupplyFbwer 
lets  trading  partners  access  25 
back-end  applications,  including 
SAP  and  PeopleSoft  tools  and 
other  Web-based  programs. 

“SupplyPower  is  the  single  point 
of  entry  for  GM  for  1 7,500  compa¬ 
nies,”  said  GM  information  officer 
Steve  Hanna. 

Although  the  company  is  only 
using  Covisint  for  online  auctions 
with  suppliers  today,  it  eventually 
wants  to  use  Covisint  as  a  hub  for 
XML-based  messaging. 

“Covisint  is  our  messaging  strat- 

"We  want  to  drive 
Covisint  as  the 
single  source  of 
entty" 

Greg  Wise 

Manager  of  business-to- 
business  and  portal  manage¬ 
ment,  DaimlerChrysler 

egyf  Hanna  said.  GM  announced 
last  week  that  it  is  participating  in 
what  Covisint  calls  the  priority¬ 
messaging  pilot  project  with  Ford, 
DaimlerChrysler  and  suppliers 
Delphi, Lear  and  JCI.  According  to 
Bill  Penn,  Covisint’s  chief  archi¬ 
tect,  that  involves  exchanging 
time-critical  documents  in  XML 
format  in  a  way  that  automated 
updates  can  be  made  to  back¬ 
end  applications  of  carmaker 
and  supplier.  The  pilot  starts  in 
November  and  “we’ll  do  it  using 
the  brokering  technology  in 
WebMethods,”  Penn  said. 

Like  Ford,GM  wants  to  see  the 
auto  industry  convert  from  EDI 
to  XML.  However,  GM  prefers  the 
version  of  XML  documents 
known  as  ebXML  defined  by  the 
Open  Applications  Group.  GM 
has  started  using  the  SeeBeyond 
middleware  internally  to  inte¬ 
grate  XML-based  ebXML  data 
into  57  different  applications, 
Hanna  said. 

The  fact  that  Ford  and  GM  are 
butting  heads  over  which  ver¬ 
sions  of  XML  to  use  to  define 
business  documents  might  com¬ 
plicate  the  situation,  but  it  won’t 
run  the  effort  off  the  road 
because  translation  between 
XML  documents  is  possible,  Penn 
said.  The  automakers  also  said 
they  hope  to  reconcile  their  XML 
differences  soon.  ■ 
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Gartner:  Expect  to  see 
wireline-to-wireless  portability 


Consultants  at  Gartner  predict  that  up  to  10%  of 
wireline  users  will  port  their  phone  numbers  over 
to  wireless  service  providers  when  that  opportun¬ 
ity  is  available. 

The  consulting  firm  expects  the  FCC  to  give  cre¬ 
dence  to  such  a  prediction  as  early  as  mid-2004, 
says  Ron  Cowles,  research  vice  president  at  Gart¬ 
ner.  He  says  this  “will  have  a  major  effect  on  the 
U.S.  telecommunications  market.” 

Wireline-to-wireless  number  portability  will  offer 
users  more  freedom  to  move  their  landline  tele¬ 
phone  service  to  a  wireless  provider  for  better  ser¬ 
vice  rates  or  geographic  flexibility. 

“It  will  turn  marketing  strategies  upside  down 
and  have  a  significant  impact  on  customer  calling 
patterns  and  areas,  state  and  federal  regulations, 
pricing  and  interconnection  agreements,  and 
product  offerings  and  plans," Cowles  says. 

Whether  the  FCC  will  create  new  rules  to  support 
wireline-to  wireless  number  portability  isn’t  clear. 
According  to  the  FCC,  its  current  rules  “require 
porting  between  wireless  and  wireline  carriers.” 

A  Nov.  24  FCC  deadline  currently  looms  for  wire¬ 
less  number  portability,  which  means  customers 


will  soon  be  able  to  keep  their  phone  numbers 
when  switching  from  one  wireless  carrier  to  an¬ 
other.  The  commission  might  take  this  opportunity 
to  further  clarify  some  of  its  existing  rules  (see 
www.nwfusion.com,  DocFinder:  7350).  An  FCC 
spokeswoman  says  the  commission  is  looking  at 
one  outstanding  issue  that  the  industry  has  raised. 
The  issue  involves  porting  local  wireline  numbers 
to  a  wireless  carrier’s  system  that  does  not  offer 
service  in  that  local  area. 

The  FCC  has  not  issued  further  comment  on  this 
concern,  but  intends  to  clarify  any  and  all  rules 
that  pertain  to  wireless  number  portability  before 
the  November  deadline. 

Porting  landline  numbers  to  wireless  service 
providers  is  expected  initially  to  have  a  stronger 
effect  on  the  consumer  market  than  the  business 
market,  Cowles  says. 

Business  users  are  dependent  on  their  PBX 
switches  and  are  more  sensitive  to  quality-of-ser- 
vice  issues,  and  will  likely  not  exclusively  migrate 
to  a  wireless  service,  he  says. 

But  as  services  mature  and  quality  improves, 
businesses  might  be  more  inclined  to  support  a 
mix  of  wireless  and  wireline  phones  within  their 
organization,  he  says  ■ 
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Takes 

■  IBM  next  month  will  offer  some 
enhancements  to  its  FAStT600  stor¬ 
age  server  that  it  says  will  improve  its 
performance  and  double  the  amount 
of  data  that  the  system  can  store. 
Called  the  “turbo"  option,  the  en¬ 
hancements  will  increase  the  FAStT - 
600's  memory  cache  from  256M  bytes 
to  1G  byte  and  let  the  system  host  112 
Fibre  Channel  drives  instead  of  the 
current  total  of  42,  for  a  total  of  16.4 
terabytes  of  storage,  IBM  says.  The 
turbo  option  also  will  include  new 
Storage  Manager  8.4  firmware.  The 
FAStT600’s  turbo  enhancements  will 
be  available  Sept.  12  and  will  cost 
$26,570  as  a  "customer-installable 
upgrade”  for  current  FAStT600  users, 
the  company  says.  Complete  new  sys¬ 
tems  will  start  at  about  $36,570. 

■  Dell  last  week  rolled  out  a  new 
tape  library  that  can  scale  up  to  72 
terabytes.  The  PowerVault  160T  sup¬ 
ports  as  many  as  1,344  Linear  Tape 
Open  2  tape  cartridges.  It  also  works 
with  back-up  and  recovery  software 
from  CommVault,  Legato  Systems 
and  Veritas  Software.  It  has  redundant 
power  supplies  for  fault-tolerance. 
Each  Fibre  Channel  tape  drive  con¬ 
nects  to  a  port  on  a  Fibre  Channel 
switch.  It  fits  in  a  standard  42U  rack. 
The  PowerVault  160T  starts  at  $47,950 
for  38  terabytes  for  one  LTO-2  drive, 
plus  installation. 

■  Sun  last  week  extended  the  reach 

of  its  Solaris  9  Operating  System 
x86  Platform  Edition,  certifying  an 
additional  100  hardware  platforms  to 
run  it.  Sun  also  added  100  new  compo¬ 
nents  to  its  Hardware  Compatibility 
List,  which  can  be  found  at  www.sun 
.com/bigadmin/hcl.  After  announcing  it 
would  not  release  Solaris  9  for  sys¬ 
tems  based  on  the  Intel  x86  chip  archi¬ 
tecture,  Sun  last  October  said  it  would 
ship  a  version  of  Solaris  9  for  x86  for 
its  own  platforms  and  sold  separately 
from  its  own  hardware.  Licenses  are 
priced  starting  at  $99.  Sun’s  Web  site 
lists  five  x86  desktop  or  server  sys¬ 
tems,  three  made  by  Sun,  as  “Sun 
Certified"  and  nine  third-party  sys¬ 
tems  as  "Test  Suite  Certified." 
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Speedy  returns  are  Google’s  goal 


Google's  search  accelerator 

The  leading  search  engine  Web  site  uses  NetScaler  server  load 
balancers  to  speed  up  access  to  its  Google  Images  search  site. 


NetScaler  server 
load  balancers 


search 

engines 


O  Web  traffic  hits  one  of  Google’s  North 
American  data  centers,  where  NetScaler 
switches  inspect  the  traffic  and  route  it 
to  the  most  available  Web  server. 


o  Web  servers  pass  the  requests  off 
to  a  cluster  of  Google  search 
machines,  which  process  the 
search  topics  and  return  results. 


■  BY  PHIL  HOCHMUTH 

While  few  Web  sites  can  handle  an 
average  of  200  million  queries 
and  a  billion  HTTP  requests  per 
day  Google  has  done  it  for  years.  But 
the  search  engine  leader  wanted  to  do 
it  better. 

Known  for  its  speedy  return  of  rele¬ 
vant  search  topics,  Google  recently  de¬ 
cided  to  give  its  site  a  boost  with  a  Web 
server  load-balancing  upgrade.  But  the 
firm  wanted  a  product  that  did  more 
than  just  keep  traffic  flowing  smoothly 
among  its  thousands  of  servers,  says  Urs 
Holzle,a  Google  fellow,  who  heads  infra¬ 
structure  strategy  at  the  firm. 

“What  we  were  mostly  looking  for  was 
performance  and  stability"  in  a  load-bal¬ 
ancing  device,  Holzle  says.  Stability  in¬ 
cludes  not  only  uptime,  he  adds,  but 
also  “the  ability  to  handle  denial-of-ser- 
vice  [attacks] ,  viruses  and  ping  floods. 
Were  now  using  the  NetScaler  switches 
to  do  that  after  deploying  them  about 
three  months  ago.” 

Since  its  rollout  began  in  January 
Google  has  installed  “dozens” —  Holzle 
would  not  say  specifically  how  many  — 
of  NetScaler  9800  Secure  Application 


Switches.The  boxes  sit  at  the  front  end 
of  Google’s  Image  Search  Web  pres¬ 
ence,  where  the  boxes  balance  traffic 
among  Web  servers  and  search 
engine  boxes. 

“Our  image  search  is  one  of  our  most 
performance-intensive  apps,”  Holzle 
says. “Each  search  result  has  at  least  25 
with  images.  And  we  receive  thousands 


of  requests  per  second.  The  NetScaler 
boxes  do  well  with  that.” 

While  the  NetScaler  boxes  have 
Gigabit  interfaces  and  can  handle 
several  hundred  megabit/sec  of  Layer 
4  to  Layer  7  traffic  processing,  Holzle 
says,  “we’re  not  exploiting  that.”  Most 
of  Google’s  traffic  consists  of  bursts  of 
See  Google,  page  18 


McData  ups  storage  switching  ante 


The  acquisition  game 

The  market  for  intelligent  Fibre  Channel 
switching  is  consolidating  rapidly  as  vendors 
acquire  start-ups. 


August 

McData  acquires 
Sanera  —  Fibre 
Channel  with 
partitioning. 


July 

Cisco 
acquires 
NuSpeed 
—  iSCSI.  , 

November - 

Brocade  acquires  Rhapsody  —  Fibre 
Channel  with  intelligent  applications. 

McData  acqu 
Nishan  Syster 
iFCP,  FCIP,  iS 

res 

ns  — 

CSI. 

HUgUbl 

Cisco  acquires  Andiamo  —  FCIP,  iSCSI, 
Fibre  Channel  with  intelligent  applications. 

|2000  |2001  12002  |  2004) 

■  BY  DENI  CONNOR 

McData’s  acquisitions  of  Nishan  Systems 
and  Sanera  Systems  last  week  put  it  in  the 
middle  of  a  select  group  of  manufacturers 
—  including  Brocade  Communications 
and  Cisco  —  that  are  embedding  applica¬ 
tions  in  their  Fibre  Channel  switches. 

The  company’s  acquisition  of  Nishan  for 
$83  million  and  Sanera  for  $102  million 
cash  will  increase  not  only  McData’s 
director-level  switching  capabilities  but 
also  add  intelligent  applications,  iSCSI 
network  support  and  Fibre  Channel  over 
IP  distribution  of  data  over  distances  to  its 
portfolio  of  products. 

“The  combination  of  Sanera  with  a  great 
core  switching  architecture,  as  well  as 


Nishan  with  is  ability  to  do  [storage-area 
network]  routing,  is  beneficial,” says  Jamie 
Gruener,  a  senior  analyst  with  The  Yankee 
Group.  “As  customer  SANs  have  gotten 


larger  and  larger  there  has  been  a  need 
for  McData  to  figure  out  how  they  are 
going  to  deal  with  that  issue." 

See  McData,  page  18 
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Brave  new  world  of  WLAN  analyzers 


NetworkWorld  9/1/03 


As  wireless  IAN  use  has  surged  in  cor¬ 
porations,  it  is  no  surprise  that  WLAN 
analyzers  have  sprung  up  all  around 
us.  What  is  surprising,  though,  is  how  radi¬ 
cally  different  some  of  them  can  be  from 
their  wired  brethren  —  and  from  each 
other.  One  could  argue  that  the  term  “wire¬ 
less  LAN  analyzer"  is  being  used  today  to 
refer  to  products  so  fundamentally  differ¬ 
ent  that  they  shouldn’t  be  compared  at  all. 

As  is  so  often  the  case.it  is  not  an  issue  of 
better  or  worse  but  just  of  different  prod¬ 
ucts,  with  different  heritages,  designed  for 
different  jobs. 

Most  familiar  will  be  the  new  wireless  ver¬ 
sions  of  well-known  wireline  LAN  analyz¬ 
ers  such  as  those  from  Finisar  and  Sniffer 
Technologies. 

Thanks  to  the  network  transport  inde¬ 


pendence  of  the  network  driver  interface 
specification  used  as  the  basic,  low-level 
network  application  interface  with  all  re¬ 
cent  Microsoft  operating  systems,  many 
wired  Ethernet  analyzers  can  become 
“wireless”  with  relative  ease. 

Because  ultimately  the  WLAN  delivers 
protocols  and  packets  recognized  by 
upper-layer  decode  and  monitoring 
engines  of  existing  analyzers,  there  is  a 
huge  amount  of  reusable  code.  In  fact, 
most  network  analyzers  were  (correctly) 
built  in  a  layered  fashion  so  that  new  net¬ 
work  interfaces  could  be  introduced  with¬ 
out  causing  redevelopment  of  the  core 
analyzer  functions. 

Thus,  one  typically  can  find  a  wireless 
version  of  one’s  favorite  wired  LAN  ana¬ 
lyzer  and  start  picking  up  “the  air”  quite 
rapidly.  The  formula:  Standard  analyzer 
plus  wireless  network  interface  card  plus 
additional  802.1 1  decodes  equal  a  WLAN 
analyzer. 

Other  vendors,  for  example,  an  Agilent 
Technologies  or  an  AirMagnet.take  a  dif¬ 
ferent  approach.  While  the  formula  has 


similar  elements,  the  “mix”  is  different, 
and  thus  the  resultant  product  is  also 
different. 

With  them,  the  formula  is  deliberately 
skewed  to  understanding  and  unraveling 
the  characteristics,  behavior  and  potential 
problems  inherent  to  radio  frequency 
transmission  and  the  IEEE  802.1  lb/a/g 
wireless  protocols  in  particular.Around  this 
core,  traditional  LAN  analyzer  functions 
(such  as  decodes  and  statistics)  are  built. 

While  the  two  product  classes  overlap 
in  some  areas,  the  latter,  by  design,  offers 
significantly  more  wireless-specific 
information. 

For  starters,  “expert  analysis”  of  WLAN 
events  is  of  particular  value.  Few  of  us 
“mainstream”  TCP/IP  Ethernet  data  net¬ 
working  types  have  had  the  time  (or  incli¬ 
nation)  to  learn  the  arcane  details  of  the 
802.11b  protocol.  Yes,  it  is  “like”  Ethernet 
but  it  is  not  Ethernet. 

So  just  getting  decodes  referencing 
“associations”  and  “beacon”  frames 
doesn’t  help  most  of  us.  We  need  to 
know  what  it  means  to  be  seeing  said 


frames.  Some  of  the  wireless-centric 
analyzers  offer  up  this  type  of  expert 
advice. 

Perhaps  it  will  be  superfluous  three  years 
hence,  but  for  now  it  is  very  valuable. 

Monitoring  performance  thresholds  and 
detecting  trends  related  to  weak  signals, 
transmissions  errors  or  low-rate  associa¬ 
tions  and  alerting  the  network  staff  to  the 
presence  of  such  conditions  is  a  virtual 
necessity  given  the  way  that  wireless  net¬ 
works  can  change  on  a  daily,  if  not 
hourly,  basis. 

These  types  of  functions  are  those  that 
you'd  want  from  either  flavor  of  WLAN 

analyzer. 

Add  to  this  some  WLAN  analyzers  that 
even  claim  intrusion-detection  system 
capabilities  and  one  thing  is  clear:  With 
WLANs  we’ve  entered  a  brave  new  world 
of  net  analysis. 

Tolly  is  president  of  The  Tolly  Group,  a 
strategic  consulting  and  independent  test¬ 
ing  company  in  Manasquan,  N.J.  He  can  be 
reached  at  ktolly@tolly.com. 


McData 

continued  from  page  17 

McData  sees  that  adding  appli¬ 
cation  support  to  its  switches  will 
help  it  enable  data  movement 
and  virtualization  of  storage  with¬ 
in  businesses.  Virtualization  is 
used  to  give  a  logical  representa¬ 
tion  of  disparate  physical  storage 
so  it  can  be  managed,  allocated 
and  monitored  more  easily. 

Nishan,  a  vendor  that  was  fund¬ 
ed  for  $90  million,  manufactures 
Fibre  Channel  over  IP  (FCIP),  In¬ 
ternet  Fibre  Channel  Protocol 
(iFCP)  and  iSCSI  products.  FCIP 
lets  users  distribute  Fibre  Chan¬ 
nel  data  over  the  IP  network.  The 
iFCP  converts  Fibre  Channel  data 
to  IP  for  transmittal  over  IP  net¬ 
works.  The  iSCSI  protocol  lets 
Fibre  Channel  data  be  trans¬ 
ported  over  the  Ethernet  net¬ 
work.  McData  says  it  will  integrate 
Nishan’s  products  into  its  line  of 
director-level  switches. 

Sanera,  on  the  other  hand, 
builds  a  256-port  director-level 
Fibre  Channel  switch  that  can  be 
partitioned  into  zones  for  easier 
and  more  secure  management  in 
enterprise-size  businesses.  The 
start-up,  which  was  funded  for 
$101  million,  makes  the  DS10000. 
McData  will  continue  to  market 
this  product  and  over  time  will  in¬ 
tegrate  its  features  into  its  own 
McData  director-level  switches. 

McData  is  not  the  only  com¬ 
pany  snapping  up  start-ups  that 
make  intelligent  Fibre  Channel 
switches.  Last  year  Cisco 
acquired  Andiamo  Systems  for 


an  estimated  value  of  $2  billion 
and  Brocade  bought  Rhapsody 
for  $175  million.  Earlier,  Cisco 
made  its  entry  into  storage  with 
the  acquisition  of  iSCSI  gateway 
vendor  NuSpeed.  Of  the  vendors 
that  make  director-level  Fibre 
Channel  switches,  only  CNT/In- 
Range  has  yet  to  acquire  a  com¬ 
pany  that  would  let  it  add  intelli¬ 
gent  applications  to  its  products. 

Competition  in  this  market  is 
fierce,  as  vendors  attempt  to 
jockey  for  market  share. 

“The  acquisition  puts  McData 
in  a  much  better  position  to 
compete  head  on  with  Cisco,” 
Gruener  says.  “The  architecture 
Brocade  bought  with  Rhapsody 
solved  one  problem  but  not  all 
the  problems  McData  is  going  to 
be  able  to  solve  by  doing  these 
acquisitions.” 

Further,  McData  announced 
that  it  has  made  a  strategic  invest¬ 
ment  in  Aarohi  Communications, 
a  start-up  that  makes  a  storage 
processor  it  says  optimizes  the 
performance  of  the  Fibre  Chan¬ 
nel  fabric.  McData  also  reported 
net  income  of  $9. 1  million  for  the 
second  quarter  compared  to  a 
loss  in  the  second  quarter  last 
year  of  $3.9  million.  The  compa¬ 
ny’s  revenue  increased  to  $107 
million  from  a  previous  $77.3 
million.  ■ 
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I  Site  ■  Lessons  from  Leading  Users 

Google 

continued  from  page  17 


traffic,  instead  of  long, sustained 
packet  flows.  “Bandwidth  is  not 
a  limitation  for  our  applica¬ 
tions,”  he  says. 

Google’s  data  centers  number 
“in  the  dozens”  and  operate  in 
the  U.S.and  around  the  world  in 
undisclosed  locations.  In  the 
data  centers,  the  firm  operates 
hundreds  of  Web  servers,  run¬ 
ning  both  Apache  and  a  home¬ 
grown  Web  server  application 
developed  by  Google. 

These  servers,  typically  Intel- 
based  machines  running  Linux, 
sit  in  front  of  thousands  (Google 
declined  to  give  a  number)  of 
similarly  configured  search 
engine  PCs,  which  run  the  pro¬ 
prietary  applications  that  troll 
the  Web  and  rank  pages  accord¬ 
ing  to  search  criteria  — 
Google’s  claim  to  fame. 

“We  carefully  optimized  our 
site  for  speed  before  and  after 
the  NetScaler  installation,” 
Holzle  says.  But  he  says  the  Net- 
Scaler  boxes  add  a  degree  of 
speed  and  security  to  the  site. 

One  of  Google’s  imperatives  is 
to  prevent  its  front-end  Web 
servers  from  being  pecked  to 
death  by  floods  of  ping  and  TCP 
requests,  whether  benign  or 
malicious.  Google  has  deployed 


several  features  on  the  Net- 
Scaler  boxes  to  do  this. 

“Attacks  and  malicious  traffic 
are  something  that’s  always  hap¬ 
pening  here,”  Holzle  says.  “As  a 
large  Internet  site,  we  are  always 
a  potential  target.  We’re  not 
going  to  wait  until  something 
happens.” 

One  way  the  NetScaler  boxes 
provide  security  is  by  acting  as 
a  second-defense  firewall,  be¬ 
hind  the  company’s  dedicated 
firewall  boxes. 

“All  the  load  balancers  are 
designed  to  accept  IP  traffic  on 
Port  80,”  Holzle  says.“That’s  what 
they  forward.  If  incoming  traffic 
does  not  designate  a  port,  or  is 
not  IP  all  packets  automatically 
get  dropped.” 

Other  features  on  the  box 
allow  rate  limiting  for  such 
diagnostic  traffic  as  ping  and 
Internet  Control  Messaging 
Protocol,  which  can  be  used  to 
swamp  a  Web  server  in  a  DoS 
attack.  “That  reduces  the  time 
our  [Web  server]  CPUs  have  to 
spend  on  that,"  he  says. 

Another  NetScaler  feature  in 
use  are“SYN  cookies,”  which  let 
the  NetScaler  boxes  process 
and  respond  to  SYN  messages 
—  packets  sent  to  initiate  a 
TCP/IP  connection,  which  can 
be  used  as  a  tool  in  “SYN  flood” 
DoS  attacks,  where  hundreds  or 
thousands  of  hacked  comput¬ 
ers  are  coerced  into  sending 


bogus  SYN  packets  to  a  Web 
server  to  overwhelm  the  box. 

“SYN  cookies  allow  you  to 
respond  to  SYNs  without  con¬ 
gesting  space  on  the  box,” 
Holzle  says.  “That  lets  you  sus¬ 
tain  a  high  rate  of  SYNs  without 
consuming  CPU  usage.” 

While  the  NetScaler  boxes 
offer  Layer  7  deep  packet  in¬ 
spection  features,  which  some 
users  turn  on  for  such  applica¬ 
tions  as  HTTP  cookie  and  XML 
switching  antf  traffic  accelera¬ 
tion,  Holzle  says  Google  is  not 
using  these  features. 

“We’re  using  Layer  4  only!’ 
Holzle  says.  “That’s  because  we 
have  an  existing  Layer  7  solu¬ 
tion  which  runs  on  Web 
servers.” 

Load-balancing  technology  is 
not  new  to  Google,  as  the  firm 
had  another  vendor’s  Layer  4  to 
Layer  7  gear  installed  for  several 
years  before  the  NetScaler  roll¬ 
out.  (Holzle  would  not  say 
which  company)  The  decision 
came  down  to  “three  major 
players”  he  says,  and  adds  Goo¬ 
gle  won  on  its  performance, 
scalability  and  security  features. 

While  Google  got  a  good 
price  on  the  NetScaler  gear 
(Holzle  wouldn’t  give  that 
away,  either)  he  adds  that  cost 
was  not  a  deciding  factor  in 
the  deal.  “We  were  really  look¬ 
ing  for  the  best  performance 
out  there,"  he  says.  ■ 


T1  ACCESS  FOR  HUNDREDS  LESS 
DDES  WONDERS  FDR  THE  REPUTATION. 

We  just  lowered  our  prices  and  waived  our  installation  fees. 
And  that’s  for  the  same  premium  performance  and  specialized 
service  that  has  made  us  the  fastest-growing  T1  data 
provider  in  the  nation.  Still,  we  don’t  expect  you  to  be 
convinced  overnight.  That’s  why  we’re  giving  you  30  days  of 
no-risk  trial. 
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Take  Our  Risk-Free  30-Day  Covad  11  Challenge 
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CALL  1-800-555-0456  WHY  SWITCH  TO  COVAD  DATA  Tl? 

Try  our  Tl  for  one  month  and  we’ll  pay  for  installation.  •  Service  Level  Guarantees  •  4-hour  mean  time  to  repair  •  Guaranteed  99.99% 

If  you’re  not  completely  satisfied,  we’ll  refund  your  monthly  uptime  •  Right-sized  pricing  when  we  lower  Tl  fees  in  the  future, 

monthly  fee  and  equipment  cost.  •  Specialized  Tl  Service  Team  available  live  24x7  •  Tl-dedicated,  toil-free  hotline 

www.covad.com/t1challenge 
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The  switch  that  adapts 
to  any  environment. 

And  always  will. 


Introducing  the  Matrix™  N-Series 

Scalability  and  security  adapted  to  your  enterprise. 


Because  your  needs  change  so  often,  you 
need  a  switch  that  can  keep  up.  That’s  the 
revolutionary  new  Matrix  N-Series.  Thanks 
to  an  exclusive  distributed  architecture — 
where  all  switching  and  control  functions 
reside  on  each  module — the  N-Series  lets 
you  cost-effectively  add  bandwidth,  users  and 
applications  on  the  fly.  And  no  other  switch 
offers  such  a  low  entry  cost. 

A  wide  range  of  secure  connectivity 
options  means  the  Matrix  N-Series  will 
scale  to  support  converged  applications 


like  video  streaming,  VoIP  and  more  without 
expensive  upgrades.  .With  unsurpassed 
reliability,  flexibility  and  investment 
protection,  the  N-Series  is  a  key  component 
to  any  Business-Driven  Network .™ 

Now  and  always. 

For  a  FREE  whitepaper  on  the  Matrix 
N-Series  and  Multilayer  Packet  Classification, 
go  to  enterasys.com/nw/n-series 
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Microsoft  seen  sparking  corporate  IM 


■  BY  JORIS  EVERS 

Riding  a  tide  of  desktop  domination, 
Microsoft’s  latest  foray  into  presence  is  ex¬ 
pected  to  kick-start  corporate  adoption  of 
instant  messaging.  Lateness  to  market,  how¬ 
ever,  has  analysts  skeptical  as  to  how  the 
offering  will  compete  against  those  of  long¬ 
time  collaboration  players  such  as  IBM. 

Office  Live  Communications  Server  2003 
—  code-named  Greenwich  and  previously 
known  as  Real  Time  Communications 


Server  —  was  released  to  manufacturing 
last  week.  Microsoft  sees  the  product’s 
delivery,  slated  for  six  to  eight  weeks,  as  a 
key  moment  in  establishing  instant  mes¬ 
saging  as  a  business  tool, says  Ed  Simnett, 
lead  product  manager  at  Microsoft. 

With  Live  Communications  Server,  com¬ 
panies  will  be  able  to  run  their  own  enter¬ 
prise  instant-messaging  network,  address 
security  concerns  related  to  public  ser¬ 
vices,  and  log  and  manage  employees’ 
instant-messaging  usage.  The  product  is 


capable  of  determining  whether  a  user  is 
online  and  available  for  communication 
in  Office  applications  and  can  extend  this 
presence  information  to  other  applica¬ 
tions  such  as  custom  portals. 

Despite  noting  the  significance  of  the 
products  upcoming  release,  analysts  say 
Microsoft  has  some  catching  up  to  do. 
Market  incumbent  IBM  has  been  selling 
Lotus  Sametime  —  recently  renamed 
Lotus  Instant  Messaging  and  Conferencing 
—  for  approximately  five  years. 


“Sametime  has  been  out  for  a  number  of 
years,  giving  IBM  a  significant  leg  up.  1 
would  expect  to  see  the  second  version  of 
Office  Live  Communications  Server  as  a 
closer  competitor  to  Sametime,”  says 
Michael  Osterman, president  and  founder 
of  Osterman  Research. 

But  with  Office  on  nearly  every  business 
user’s  PC,  Microsoft  has  a  considerable 
market  advantage,  says  Maurene  Caplan 
Grey  research  director  at  Gartner.  “What 
See  Microsoft,  page  22 


Birth  of  a  server 

Microsoft  has  been  working  on  in¬ 
stant  messaging  for  the  past  several 
years,  starting  with  support  in  Ex¬ 
change  2000  and  culminating  in  the 
release  to  manufacturing  last  week 
of  Microsoft  Office  Live  Communica¬ 
tions  Server  2003. 


November  2000 

Microsoft  launches  Exchange 
2000  and  its  first  support  of 
instant  messaging  using  its 
own  proprietary  protocol. 


I  I  I J  I  I 


fMay  2003 

||k  Microsoft  shifts  gears  from  delivering  instant  messaging  in  the  base  operating 
f  system  to  aligning  it  with  Office.  RealTime  Communications  Server’s  name 
is  changed  to  Microsoft  Office  RealTime  Communications  Server  2003. 
Anoop  Gupta,  corporate  vice  president  for  real-time  collaboration,  says, 

^  "Information  workers  will  be  able  to  send  instant  messages  to  colleagues 
from  within  the  productivity  applications  they  use  every  day.” 

April  2003 


June  2002 

Jim  Allchin,  Microsoft's 
senior  vice  president  for 
platforms,  introduces  an 
instant-messaging  service 
code-named  Greenwich  that  will  be  tied 
to  the  Windows  operating  system. 


Microsoft  changes  name  from  Greenwich  to 
RealTime  Communications  Server 2003  and 
emphasizes  it  will  be  a  corporate  product. 


July  2003 

Microsoft  Office  RealTime  Commu¬ 
nications  Server’s  name  is  changed 
to  Microsoft  Office  Live  Communi¬ 
cations  Server  2003. 

August  2003 

Office  Live  Communica¬ 
tions  Server  is  released 
to  manufacturing. 


i  i  l  l  i  '  i  i 


October  2002 

Company  confirms  Greenwich  will  inherit  services  that 
have  been  cut  from  the  next  version  of  Exchange,  code- 
named  Titanium. 


2003 


Network  Associates 
targets  SMB  management 


Takes 

■  A  flaw  in  almost  every  generation 
of  RealNetworks  streaming 
servers,  including  Helix  Universal 
Server  9  and  RealSystem  Server 
Versions  7  and  8,  could  be  exploited 
by  an  attacker  to  gain  root  access 
on  the  affected  machine.  The  flaw 
has  been  known  for  some  time,  but 
reports  of  an  exploit  are  just  surfac¬ 
ing.  A  patch  is  not  yet  available 
from  RealNetworks,  but  a  work¬ 
around  is  available  by  removing  the 
“View  source  plug-ins”  from  the 
“plug-ins"  directory  and  then  re¬ 
starting  the  server.  The  alert  can  be 
seen  at  www.nwfusion.com, 
DocFinder:  7428. 


■  IBM  last  week  bolstered  its  DB2 
Information  Integrator  software  to 
include  data  and  content  that  pack¬ 
aged  SAP  and  Oracle  applications 
generate.  IBM  expects  the  new  soft¬ 
ware  to  be  available  next  year.  DB2 
Information  Integrator  offers  a  single, 
consolidated  view  of  resources  scat¬ 
tered  across  a  company's  data 
sources.  IBM  says  with  DB2  Content 
Manager  customers  can  integrate  all 
forms  of  content  —  document,  Web, 
image  or  rich  media  —  across  diverse 
business  processes  and  applications, 
including  SAP  and  Siebel  Systems, 
plus  deliver  integrated,  consistent  con¬ 
tent  across  a  corporation.  The  soft¬ 
ware  consists  of  several  packages, 
including  Library  Server  and  Resource 
Server.  A  monthly  licensing  fee  starts 
at  $1,350  and  $750,  respectively. 


■  BY  DENISE  DUBIE 

Network  Associates  last  week  announ¬ 
ced  a  tool  designed  for  small  and  midsize 
businesses  that  the  company  says  makes 
enterprise-level  network  troubleshooting, 
security  and  analysis  capabilities  available 
in  a  low-priced  package. 

Netasyst  Network  Analyzer  is  software  in¬ 
stalled  on  a  Windows  XP  or  2000  server,  or 
a  laptop  for  mobile  use,  that  network  ad¬ 
ministrators  can  use  to  track  application 
traffic  running  across  their  10/100M 
bit/sec  LANs  and  802.11  wireless  net¬ 
works.  The  software  can  manage  band¬ 
width  allocation,  troubleshoot  network 
and  application  performance,  and  find 


potential  security  threats. 

Network  administrators  would  use 
Netasyst  to,  say,  check  how  much  band¬ 
width  an  application  consumes  and  to 
determine  if  the  network  needs  to  be 
upgraded  before  rolling  out  a  new  appli¬ 
cation.  The  software  can  detect  denial-of- 
service  attacks  by  tracking  the  traffic  flit¬ 
ting  servers  on  a  network.  And  if  an  end 
user  reports  a  poorly  performing  appli¬ 
cation,  network  administrators  can  use 
Netasyst  to  determine  the  source  of  the 
problem. 

Netasyst  is  based  on  Network  Associates’ 
Sniffer  Portable  technology  and  incorpo¬ 
rates  software  code  the  company  uses  in  it 

See  Network  Associates,  page  22 
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The  FCC  finally  recently  released  its 
new  rules  on  facility  sharing  in  the 
telecom  world.  As  far  as  I  can  tell  no 
one  is  happy  with  all  of  them  other  than 
the  lawyers. 

Most  of  the  FCC  commissioners  went 
so  far  as  to  file  statements  in  which  they 
agreed  to  disagree  with  parts  of  the  new 
rules.sometimes  quite  strongly  disagreeing. 

The  basic  outline  for  these  rules  was  es¬ 
tablished  in  February  with  the  time  from 
then  to  now  taken  up  with  FCC  commis¬ 
sioners  sniping  at  each  other  and  doing  all 
that  could  be  done  to  make  the  rules  sur¬ 


More  than  full  employment  for  lawyers? 


vive  the  inevitable  court  challenges.  Terse¬ 
ness  does  not  seem  to  be  a  Washington 
virtue,  as  the  FCC  order  (www.nwfusion. 
com,  DocFinder:  7427)  runs  576  pages,  of 
which  only  34  contain  the  rules. 

The  first  491  pages  are  explanations  and 
responses  to  comments  made  by  interested 
parties,  with  2,447  footnotes.  Anything  with 
that  many  footnotes  is  going  to  be  a  prob¬ 
lem  to  actually  read.  The  last  49  pages  are 
the  FCC  commissioners’  statements,  many 
of  which  will  figure  prominently  in  the  law¬ 
suits  currently  being  drawn  up. 

The  rules  are  almost  impossible  to  read 
because  they  are  presented  as  changes  to 
be  made  to  existing  regulations  rather  than 
as  new  regulations.  A  few  tidbits  do  stand 
out,  though, such  as  that  for  tail  circuit,  pric¬ 
ing  must  be  flat-rate. 

But  that  sort  of  thing  is  minor  compared 
with  two  big  issues.  First,  the  FCC  freed  car¬ 


riers  from  being  required  to  share  any  new 
broadband  facilities  they  install,  such  as 
fiber  to  the  home.  Second,  the  FCC  did  not 
free  carriers  from  being  required  to  share 
some  existing  facilities,  such  as  copper 
phone  wires  to  the  home.The  FCC  left  it  up 
to  state  regulators  to  decide  what  facilities 
fit  in  the  second  category 

If  the  FCC  had  gone  with  one  philosophy 
or  the  other  —  force  sharing  of  everything 
or  remove  the  sharing  requirement  for 
everything  —  the  commission  would  have 
had  only  half  the  world  mad  at  it.  But  by 
doing  both  at  the  same  time,  the  FCC 
seems  to  have  made  everyone  mad.  And, 
in  Washington,  D.C.,  mad  people  start 
throwing  lawyers  around.  We  can  look  for¬ 
ward  to  years  of  legal  challenges  to  all 
parts  of  the  rules. 

Maybe  by  the  time  some  of  the  legal  chal¬ 
lenges  are  resolved  one  of  the  assumptions 


underlying  the  main  dispute  will  be  proven 
one  way  or  the  other. The  FCC,  and  incum¬ 
bent  carriers,  have  claimed  that  these  pro¬ 
viders  need  to  be  freed  from  the  sharing  re¬ 
quirement  so  that  they  can  make  big  in¬ 
vestments  in  expanding  their  infrastruc¬ 
tures.  Well.  they  now  have  that  freedom 
when  it  comes  to  new  broadband  invest¬ 
ment.  Wanna  bet  on  them  now  making  the 
investments? 

Disclaimer:  I  have  no  proof  that  a  mole 
from  the  Harvard  Law  School  helped  fig¬ 
ure  this  out  to  ensure  jobs  for  new  law 
school  graduates,  but  if  results  of  an  action 
are  any  indication  of  the  purpose  of  an 
action  then  it  could  be.  In  any  case,  I  did 
not  ask  the  school  about  this  column. 

Bradner  is  a  consultant  with  Harvard 
University's  University  Information  Systems. 
He  can  he  reached  at  sob@sobco.com. 


Microsoft 

continued  from  page  21 

Live  Communications  Server  has  that  no¬ 
body  else  has  ...  is  integration  with  Office 
and  ShareFbint,”  Caplan  Grey  says.  Share- 
Fbint  is  Microsoft’s  file-sharing  and  team- 
collaboration  product. 

New  York  law  firm  Weil, Gotshal  &  Manges 
has  3,000  people  in  nine  countries  using 
instant  messaging.  The  firm  rolled  out 
Sametime  in  2001  and  uses  the  instant¬ 
messaging  and  presence  features  in 
several  custom  applications,  says  Richard 
Lowe,  associate  director  of  client  informa¬ 
tion  services  at  the  firm. 

“We  have  integrated  [instant  messaging] 
into  our  portal,  our  own  applications  and 
other  systems  such  as  ERP  software;  so 
rather  than  just  having  [instant-messag¬ 
ing]  conversations  happening,  they  can 
happen  in  context,”  Lowe  says. 

Providing  instant  messaging  in  context  is 


Network  Associates 

continued  from  page  21 

enterprise  products.  The  company  says  it 
designed  the  software  to  include  intelli¬ 
gence  about  network  protocols  and  com¬ 
mon  problems  and  known  fixes  to  help 
less-experienced  IT  managers  solve  com¬ 
plex  problems. 

The  company  says  it  made  the  software 
easier  to  use  for  smaller  IT  departments 
and  lowered  the  entry-level  pricing  (to 
$2,000  from  $6,500)  to  attract  customers 
with  between  100  and  500  employees.  The 
company  offers  six  versions  of  Netasyst, 
ranging  from  dedicated  server  software  to 
mobile  laptop  versions. Customers  also  can 
choose  to  include  expert  analysis,  wireless 
and  other  features. 

IDG  analyst  Stephen  Elliot  says  Netasyst 
could  provide  SMB  customers  with  an  ex- 
(H'rience  tool  at  a  low  cost  The  software  is 
designed  to  be  easier  to  deploy  and  to  ad¬ 
minister,  he  savs. 


one  of  Microsoft’s  goals.  Until  now,  Micro¬ 
soft  has  struggled  in  finding  a  home  for  its 
instant-messaging  product,  placing  it  first 
in  Exchange  and  then  toying  with  making 
it  part  of  Windows.  The  company  finally 
settled  on  Office  as  the  right  place. 

“The  Exchange  [instant-messaging]  pro¬ 
duct  was  not  really  ready  for  prime  time. 
Live  Communications  Server  is  a  much 
more  fully  baked  idea  and  part  of  a  long¬ 
term  road  map  for  their  collaboration  pro¬ 
ducts,"  says  Robert  Mahowald,  a  research 
manager  at  IDC. 

Still,  IBM’s  product  has  “four  distinct  ad¬ 
vantages”  over  Microsoft’s,  according  to 
Mahowald.  Sametime  has  a  lower  overall 
price,  includes  Web  conferencing,  does 
not  need  an  additional  server  and  offers 
modular  configuration,  he  says. 

Francis  deSouza,  formerly  Exchange 
instant-messaging  product  manager  at 
Microsoft  and  now  CEO  of  IMlogic,  which 
sells  software  that  overlays  security  and 


Breaking  even? 

Enterprise  software  vendors 
can  pay  salespeople  up  to 

$100,000 
or  more,  says  Ventana 
Research,  making  it 
difficult  for  vendors  to 
make  money  on  SMB 
companies,  which  typically 
spend  between  $10,000  and 
$50,000  on  licenses. 


“It  seems  like  they’ve  tried  to  put  some 
enterprise-level  IT  knowledge  into  a 
smaller  package  for  customers,”  Elliot  says. 
“But  the  proof  is  in  the  execution.”  He  says 
SMB  products  from  Network  Associates 


auditing  tools  on  public  instant-messaging 
systems,  said  Microsoft  has  had  to  go 
through  “learning  stages.” 

“We  initially  thought  [instant  messag¬ 
ing]  was  complementary  to  e-mail.  But 
Microsoft  learned  that  [instant  messag¬ 
ing]  and  presence  is  tied  more  to  Office. 
A  lot  of  usage  scenarios  involve  Office,” 
deSouza  says. 

Even  though  enterprise  instant-messag¬ 
ing  products  have  been  out  for  a  number  of 
years,  businesses  mostly  use  free  consumer 
instant-messaging  products,  according  to 
Osterman.  Others,  such  as  NetJets,  a  seller 
of  partial  ownership  of  private  jets,  shy 
away  from  instant  messaging,  blocking  it  at 
the  firewall. 

Having  found  that  instant  messaging  was 
not  being  used  for  business  purposes,  Net- 
Jets  cut  its  employees  off.  But  the  company 
plans  to  look  at  the  new  Microsoft  product, 
says  Bram  van  der  Ploeg,  NetJets’  CTO. 

“We  are  highly  interested  in  products 


and  its  competitors  WildPackets  and  Net¬ 
work  Instruments  must  be  easy  to  use,  in¬ 
expensive  and  easily  accessible  to  an  inex¬ 
perienced  IT  professional. 

“Smaller  companies  usually  don’t  realize 
they  need  network  management  tools  until 
after  they’ve  had  a  problem.  Most  of  them 
aren’t  looking  at  large  vendors  to  offer  a 
reasonably  priced, simple  solution, ”he  says. 

In  other  news,  Network  Associates  and 
competitor  Symantec,  announced  up¬ 
dates  to  their  anti-virus  software  products. 

Network  Associates  released  a  new  ver¬ 
sion  of  McAfee  VirusScan,  which  spots  spy- 
ware  and  adware,  and  lets  users  detect  and 
remove  suspect  software  applications  from 
systems  running  VirusScan. 

Symantec  made  similar  news  with  its 
Norton  AntiVirus  2004,  which  also  can  pick 
out  programs  that  are  not  viruses  but  pose 
a  threat  to  Internet  users'  privacy. 

The  IDG  News  Service  contributed  to  this 
story. 


like  Greenwich  that  allow  much  more 
control  over  the  instant-messaging  side. 
We  recognize  the  potential  benefits,”  van 
der  Ploeg  says. 

A  remaining  concern  NetJets  has  with 
investing  in  instant  messaging  is  adding  to 
the  number  of  information  streams  its  em¬ 
ployees  have  to  deal  with,  which  already  in¬ 
cludes  e-mail,  voice  mail,  phone  calls  and 
the  custom  workflow  application  NetJets 
uses,  van  der  Ploeg  says.“You  add  it  all  up, 
and  it  becomes  a  rather  confusing  set  of 
unmanaged  priorities.” 

At  Weil,  Gotshal  &  Manges,  instant  mes¬ 
saging  has  helped  employees  communi¬ 
cate  more  effectively  and  feel  closer  to  one 
another  despite  the  miles  between  them. 
Still,  this  is  an  evolutionary  rather  than  rev¬ 
olutionary  change,  says  Randy  Burkart,  di¬ 
rector  of  technology  programs  at  the  firm. 

Office  Live  Communications  Server  will 
quickly  establish  a  broad  user  base.  Ex¬ 
change  2000  instant-messaging  users  who 
bought  upgrade  rights  will  get  the  product 
at  no  extra  charge. 

Also,  loyal  Microsoft  customers  who  al¬ 
ready  use  Active  Directory,  SQL  Server  and 
Windows  Server  2003  and  those  who  plan 
to  use  Office  2003  likely  will  take  the  bait, 
analysts  say 

With  its  large  installed  base,  Microsoft 
might  be  the  spark  plug  for  enterprise 
instant-messaging  adoption,  analysts  say. 

“Organizations  that  are  fully  engaged  in 
the  Microsoft  environment  have  been  wait¬ 
ing  for  Microsoft  to  get  into  the  [instant¬ 
messaging]  and  collaboration  game,” 
Gartner’s  Caplan  Grey  says. 

IDC’s  Mahowald  agrees  but  pointed  out 
that  only  somewhat  cutting-edge  corpora¬ 
tions  will  be  able  to  adopt  it  at  first. 

“Office  Live  Communications  Server  is 
definitely  not  for  everybody. You  have  to 
do  some  fairly  significant  upgrades  in 
order  to  use  this  thing  out  of  the  gate,” 
Mahowald  says. 

Evers  is  a  correspondent  with  the  IDG 
News  Service ! s  San  Francisco  bureau. 
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The  grid  went  down.  Our  customers  did  not. 
That’s  why  over  85%  of  the  FORTUNE®  500® 
rely  on  VERITAS  software  for  disaster  recovery. 

veritas.com 
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We  make  any  service  provider  network 
more  secure. 


Network  Security  Projects, 
Lucent  Worldwide  Services 


Network  Planning 
&  Standards, 
Lucent  Bell  Labs 


Bell  Labs  Network  Security  Model 


TO  A  MORE 
SECURE  NETWORK 


FABRICATIONS 


8  Security  Dimensions 


VULNERABILITIES 


Lucent  Worldwide  Services 


INFRASTRUCTURE 
LAYER  > 


Together,  Lucent  Worldwide  Services  and  Bell  Labs  bring  you  unrivaled  networking  expertise  and  intelligent 
tools  to  help  make  your  network  more  secure.  With  our  Network  Survivability  Assessment  Service,  we  analyzed 
a  global  service  provider's  network  and  quickly  developed  a  security  scorecard  recommending  critical  network 
enhancements  across  eight  security  dimensions.  Then  we  showed  them  how  to  make  the  upgrades  without 
service  disruption.  See  how  we  can  make  your  network  more  productive,  more  reliable,  and  more  secure  than 
it  is  today  at  www.lucent.com/lws. 


Networks  that  work  smarter.  Networks  that  work  harder. 


Lucent  Technologies 

Bell  Labs  Innovations 
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Special  Focus:  wireless  services 

Mgmt.  tools  help  curb  cell  phone  costs 


■  BY  DENISE  PAPPALARDO 

No  one  wants  to  be  the  guy  on  the  block 
who  spends  the  most  on  wireless  services. 
Unfortunately  it  takes  time,  effort  and 
sometimes  a  capital  investment  to  ensure 
you’re  getting  the  best  service  rates  for 
your  organization. 

Negotiating  a  solid  contract  with  a  wire¬ 
less  carrier  that  fits  your  needs  is  a  good 
start,  but  that’s  not  where  cost-saving  efforts 


■  Oklahoma's  attorney  general 

last  week  filed  charges  against  MCI 
(legally  known  as  WorldCom)  and  its 
former  CEO  Bernie  Ebbers.The  state 
says  the  company  and  a  handful  of 
executives,  including  Ebbers,  violated 
security  laws  by  providing  false  infor¬ 
mation  to  investors.  The  state  attor¬ 
ney  general  says  the  company  inten¬ 
tionally  defrauded  investors  in  Okla¬ 
homa  by  inflating  the  value  of  MCl's 
stock.  The  carrier,  which  is  still  in  the 
middle  of  bankruptcy  proceedings, 
settled  its  suit  with  the  Securities 
and  Exchange  Commission  last 
month  regarding  the  company’s  $11 
billion  fraud,  which  entailed  falsifying 
company  earning  reports. 

■  DealTime,  a  shopping  search 
engine  and  consumer  reviews  com¬ 
pany  that  claims  more  than  1.5  mil¬ 
lion  unique  visitors  to  its  Web  sites 
every  day,  says  it  is  cutting  its  tele¬ 
com  costs  by  partnering  with 
Equinix.  DealTime  is  moving  its  IT 
operations  into  an  Equinix  Internet 
Business  Exchange  center,  which  is  a 
network  neutral  hub  that  acts  as  a 
peering  point  for  more  than  100  net¬ 
works.  Through  the  IBX,  DealTime 
will  have  direct  access  to  every 
major  U.S.  network,  cutting  telecom 
costs  of  connecting  to  partners  in 
multiple  locations  and  providing  the 
company  with  a  more  direct  path  to 
deliver  content  to  its  end  users, 
DealTime  executives  say. 


should  end. (see  www.nwfusion.com,  Doc- 
Finder:  7443). 

Companies,  which  In-Stat/MDR  says  will 
spend  a  collective  $12  billion  this  year  on 
wireless  services,  increasingly  are  turning 
to  tools  offered  by  carriers  and  third-party 
suppliers  to  get  a  better  handle  on  service 
costs  and  usage. 

“For  large  companies  dealing  with  mul¬ 
tiple  service  providers,  these  tools  can  be 
very  helpful,” says  Phil  Redman,  an  analyst 
with  Gartner. 

Flowserve,  an  Irving,  Texas,  maker  of 
valves  and  seals,  is  one  company  exploit¬ 
ing  such  tools.  The  company  saved 
$260,000  last  year  after  signing  on  for  Traq- 
wireless’  wireless  management  service, 
says  Pieter  Schoehuijs,  director  of  world¬ 
wide  IT  infrastructure  at  the  manufacturer. 

With  1,200  wireless  users,  Flowserve 
spends  a  lot  on  mobile  service  —  $6.5  mil¬ 


lion  last  year.  But  that  figure  would  have 
been  higher  had  the  company  not  used 
Traq’s  service,  which  let  it  cut  per-minute 
wireless  costs  from  24  cents  in  2001  to  20 
cents  in  2002.  And  Flowserve  says  it  ex¬ 
pects  further  per-minute  cost  reductions 
this  year. 

Before  teaming  up  with  Traq, Schoehuijs 
says  his  group  had  some  “good  practices" 
that  helped  bring  down  costs,  but  the 
company  hit  a  wall  in  2001.  Flowserve 
was  validating  all  charges  on  the  compa¬ 
ny’s  wireless  phone  bills  and  charging 
back  expenses  to  individual  departments. 
But  that  wasn’t  enough. 

Traq  optimizes  each  cell  phone  user  to 
the  right  plan  each  month.  Using  an  exten¬ 
sive  database  of  rate  plans  from  the  top 
seven  providers,  Traq’s  system  recom¬ 
mends  changes  to  individual  end-user 
See  Wireless,  page  27 


Cost  control 

Manufacturer  Flowserve  has 
reduced  its  wireless  service  costs 
dramatically  in  recent  years. 


Number  of  wireless  phones  deployed 


1999  2000  2001  2002 

‘Also  factors  in  associated  software  and  hardware  costs. 


Policy  software  targets  broadband  use 


■  BY  NETWORK  WORLD  STAFF 

Software  maker  Motive  Communi¬ 
cations  last  week  announced  a  product  it 
says  gives  service  providers  more  insight 
into  how  their  broadband  offerings  are 
being  used. 

The  company’s  Usage  Policy  Manager 
correlates  bandwidth  consumption  with 
available  and  potential  service  offerings, 
providing  DSL  carriers  and  cable  operators 
with  data  they  need  to  better  cater  their 
services  to  customers’  needs. 

“We’re  talking  about  service  providers 
being  able  to  manage  at  a  higher  level  so 
that  they  can  get  more  profits  out  of  their 
broadband  networks,”  says  Kip  Mc- 
Clanahan,  who  joined  Motive  as  president 
earlier  this  year  after  Motive  bought  Broad- 
Jump,  the  broadband  software  company 
he  co-founded. 

For  instance,  the  software  could  show  a 
service  provider  that  certain  customers 
might  be  better  off  with  a  “lite”  Internet 
access  service  than  a  higher-cost  and  high¬ 
er-speed  broadband  offering. While  the  ser¬ 
vice  provider  might  take  an  immediate  hit 
by  switching  a  customer  to  a  less-expen¬ 
sive  service,  the  move  could  help  keep  a 
customer  from  bailing  out  to  another  pro¬ 
vider  and  eventually  result  in  more  busi- 


fcfc  We’re  talking  about 
service  providers  being 
able  to  manage  at  a  higher 
level  so  they  can  get  more 
profits  out  of  their  broad¬ 
band  network.  99 

Kip  McClanahan 

President,  Motive 

ness  from  such  a  customer.  On  the  other 
hand,  the  software  could  include  a  policy 
that  would  identify  heavy-duty  network 
users,  for  instance  those  that  use  peer-to- 
peer  file  sharing  programs,so  that  a  service 
provider  easily  could  identify  a  candidate 
to  upsell  to  a  premium  service. 

Motive  officials  say  most  existing  policy 
management  software,  unlike  Usage  Policy 
Manager,  is  focused  more  on  tracking  net¬ 
work  elements  rather  than  how  the  net¬ 
work  relates  to  business  services. 

Usage  Policy  Manager  features  several 
components,  including  a  rules  generator,  a 
workflow  engine  that  handles  policy  en¬ 


forcement  and  a  console  for  operations 
and  customer  care  staff  to  keep  an  eye  on 
usage  trends  and  potential  service  prob¬ 
lems.  The  software  sits  at  various  locations 
within  a  service  provider  network,  with 
other  existing  management  packages. 

Motive  seeks  to  cash  in  on  the  escalating 
competition  between  DSL  and  cable  ser¬ 
vice  providers,  which  have  been  slashing 
prices  and  bundling  services  to  steal  cus¬ 
tomers  from  one  another  and  lure  new 
customers  to  broadband.  Motive  officials 
say  their  new  software  would  be  one 
more  tool  for  service  providers  to  use  to 
differentiate  themselves. 

Michael  Harris,  president  and  principal 
analyst  at  Kinetic  Strategies,  says  Motives 
offering  is  unique  in  providing  service 
views  to  executive  and  marketing  level 
employees. 

“One  thing  that  impresses  me  about 
Motive  and  BroadJump  is  that  they’ve  done 
a  really  good  job  focusing  on  areas  of  suffi¬ 
cient  value,  where  service  providers  are 
willing  to  pay  for  something,”  Harris  says. 
“That’s  unlike  other  areas,  especially  in 
cable,  where  products  have  become  com¬ 
modities  and  companies  selling  workflow, 
and  provisioning  tools  are  just  beating 
each  other  up.” 


See  Policy,  page  27 
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Dell  PowerEdge'  6650  4P  Server  and  Sun  Fire  V480  4P  Server 


Dell  |  Enterprise 

Last  year,  Dell  sold  more  Linux  servers  in  the  U.S.  than  any  other  server  vendor!  And  here's 

one  reason  why.  In  a  recent  Dell  test,  a  Dell/Oracle®  9//Linux  solution  running  an  Intel®  Xeon" 
processor-based  Dell  PowerEdge"  6650  4P  server  was  89%  faster  and  27%  less  expensive  than  a 
Sun  Fire  V480  4P  server  running  an  Oracle  9//Sun  Solaris  solution.2  To  see  complete  test  results,  go 
to  www.dell.com/migration16. 


There's  little,  if  any,  debate:  Migrating  from  UNIX  to  a  standards-based  solution  lowers  cost  and 
increases  flexibility.  Dell  gives  you  both  mind-bending  performance  and  unparalleled  expertise,  all 
at  a  great  value.  And  the  entire  solution  is  backed  by  enterprise  level  24/7  service  and  support. 


The  migration  is  on.  Find  out  how  you  can  make  the  most  of  it  for  your  organization.  Call 
1-866-871-9882  or  go  to  the  Dell  UNIX  Migration  online  calculator 
at  www.dell.com/migration1 6  to  see  how  a  Dell  solution  can  lower 
your  migration  costs  and  help  simplify  the  transition. 


Leading  enterprise  solutions.  Easy  as 
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EYE  ON  THE 
CARRIERS 

Johna  Till 
Johnson 


When  it  comes  to  Wi-R  services,  the 
big  boys  are  definitely  on  the  loose. 
SBC,  Sprint  and  Verizon  recently 
have  announced  plans  to  roll  out  Wi-R  hot 
spots  to  consumers  and  small  businesses 
— Verizon  plans  to  turn  up  1,000  hot  spots 
in  Manhattan  alone  by  year-end. 

Does  this  mean  Wi-R  services  have  come 
of  age?  Not  exactly.  While  it’s  certainly  true 
that  investments  by  major  service  pro¬ 
viders  represent  a  stamp  of  approval  of 
sorts,  from  an  IT  executive’s  perspective, 
three  key  elements  are  still  missing. 

First  is  a  compelling  business  model. 
Many  providers  foresee  offering  Wi-R  as  an 
adjunct  to  cellular  services  —  in  fact,  SBC 
will  use  its  relationship  with  wireless  oper¬ 
ator  Cingular  to  bring  an  integrated  Wi- 
Fi/3G  offering  to  market.  This  will  let  users 
seamlessly  move  between  cellular  and  Wi¬ 
fi  —  for  an  additional  fee. 

Will  such  capabilities  be  worth  the  cost 


Wi-Fi  service:  What's  missing? 


to  users?  It’s  unclear.  Wi-R  and  cellular  ser¬ 
vices  typically  have  different  usage  pat¬ 
terns  (primarily  because  of  differences  in 
end-user  devices). While  there’s  an  indis¬ 
putable  advantage  to  being  able  to  surf  the 
Web  from  a  laptop  in  Starbucks,  it’s  not 
clear  that  users  will  flock  to  “cellular-plus” 
services  that  augment  existing  phone  and 
data  services  with  Wi-R  bandwidth.  You 
probably  won’t  start  uploading  Excel 
spreadsheets  from  your  cell  phone,  in  other 
words.  So  I’m  not  holding  my  breath  wait¬ 
ing  for  users  to  sign  up  to  pay  more  for 
something  they  probably  won’t  use. 

A  secondary  business  model  is  a  bit 
more  promising:  the  providers  also  are  tar¬ 
geting  small  businesses,  which  can  offer 
hot  spots  (potentially  for  free)  as  a  way  to 
attract  and  retain  customers. The  service 
provider’s  customer,  in  this  model,  is  the 
small  business,  which  views  Wi-R  services 
as  a  sales  and  marketing  expense.This  isn’t 
a  bad  idea  —  watch  this  space. 

But  there’s  another  problem, having  to  do 
with  overall  network  architecture.  One  of 
the  big  advantages  to  having  traditional  tel¬ 
cos  behind  such  initiatives  is  the  cost  of 
backhaul. The  greatest  operational  cost  in¬ 
volved  in  managing  a  wireless  network  is 


the  cost  of  the  landlines  transporting  data 
from  access  points.  For  an  SBC  or  a  Verizon, 
this  cost  is  virtually  nil  —  SBC  reportedly 
says  its  Wi-R  investments  will  be  minimal 
because  it’s  utilizing  existing  network  infra¬ 
structure,  mainly  T-ls  and  DSL  local  loops. 

One  small  catch:  Wi-R  bandwidth  ranges 
from  2M  to  54M  bit/sec  per  user.  T-l  and 
DSL  typically  top  out  at  1.5M  bit/sec  total. 
So  using  a  T-l  circuit  to  backhaul  a  Wi-Fi 
hot  spot  supporting  multiple  (multi¬ 
megabit)  users  is  like  asking  a  go-cart  to 
shuttle  traffic  from  a  747. 

The  final  problem, from  an  IT  perspective, 
is  the  lack  of  enterprise-class  services.  A 
few  start-up  service  providers  are  seeking 
to  offer  a  nationwide  Wi-R  hot  spot  service 
that  would  let  companies  sign  up  for  a  sin¬ 
gle  consistent  service.  But  such  services  are 
still  in  their  infancy:  Most  hot  spot  services 
still  really  are  focused  on  consumers. 

Bottom  line:  Wi-Fi  services  are  neat,  but 
they’re  not  yet  ready  for  enterprise  network 
prime  time. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 


Visit  www.dell.com/migrationl6  and 
go  to  the  Dell  UNIX  Migration  online 
calculator  for  a  free  migration 
assessment.  Dell  offers  a  host  of 
end-to-end  migration  services, 
including  those  for  Oracle®  9/.  Call 
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continued  from  page  25 

plans  at  companies  with  anywhere  from 
five  or  5,000  employees.  Traq  says  it  can 
lower  any  companies’  costs  10%  to  40%. 

While  Traq’s  system  analyzes  and  recom¬ 
mends  rate-plan  changes  for  end  users, 
the  vendor  works  directly  with  its  cus¬ 
tomers’  wireless  carriers. 

Schoehuijs  says  Traq  first  sends  him  a  list 
of  recommendations  to  move  end  users  to 
new  service  plans.  If  he  approves  the  sug¬ 
gestions,  Traq  works  with  AT&T  Wireless, 
Flowserve’s  primary  wireless  carrier. 

Traq  puts  the  requests  in  and  follows  up 
the  next  month  to  be  sure  the  new  rate 
plans  were  instituted.  Schoehuijs  says  this 
is  a  big  help,  considering  his  telecom  de¬ 
partment  of  two.  Traq  charges  users  a  soft¬ 
ware  license  fee  that  includes  its  services, 
but  the  company  refused  to  reveal  specif¬ 
ic  pricing. 

Let’s  Talk  is  another  vendor  that  helps 


Policy 

continued  from  page  25 

Usage  Policy  Manager  is  a  new  product 
category  for  Motive,  which  until  now  has 
specialized  in  offerings  that  help  service 
providers  set  up  self-service  systems  for 
their  customers  and  that  let  carriers  acquire 
and  provision  customers.The  privately  held 
company,  which  started  in  1997  and  now 
has  400  employees,  says  it  has  been  prof¬ 
itable  for  the  past  five  quarters.  Motive  gen¬ 
erated  $54  million  in  revenue  last  year,  and 
company  officials  say  the  vendor  is  on 
track  to  as  much  as  double  revenue  this 


companies  better  manage  wireless  costs. 

It  offers  two  products  via  Web  sites  that 
customers  can  access  to  view  customized 
information.  The  first  is  the  Procurement 
Module,  which  contains  all  rate  plans  that 
a  company  has  negotiated  with  its  wire¬ 
less  providers.  Employees  are  encouraged 
to  visit  this  Web  site,  where  they  can  com¬ 
pare  all  of  the  plans  their  company  offers 
and  then  sign  up  for  the  one  that  best  fits 
their  needs. 

The  second  product  is  called  Asset 
Tracker.  It  is  tied  to  the  Procurement 
Module  and  also  a  company’s  human 
resources  department.  Asset  Tracker 
includes  information  on  all  employees  that 
have  been  issued  wireless  devices.  When 
an  employee  quits,  is  terminated  or  laid  off, 
human  resources  sends  a  message  to  Asset 
Tracker  to  determine  if  the  employee  had 
been  issued  any  wireless  devices. 

Disappearing  equipment  is  a  growing 
problem  at  businesses  with  hundreds  or 
thousands  of  wireless  users,  says  Gartner’s 


year  (partly  because  of  additional  revenue 
generated  by  products  BroadJump  sold). 

Motive  has  been  busy  with  new  develop¬ 
ments  of  late. The  company  recently  rolled 
out  its  first  self-service  offering  for  pro¬ 
viders  of  broadband  services  to  small  and 
midsize  business  customers.  Motive  al¬ 
ready  offers  such  a  product  for  sellers  of 
consumer  broadband  services. 

The  software  vendor  says  it  plans  to  make 
Usage  Policy  Manager  generally  available 
this  fall.  Like  many  service  provider  soft¬ 
ware  suppliers,  Motive  gets  tight-lipped 
when  it  comes  to  pricing.saying  only  that  it 
is  based  on  the  size  of  deployment.  ■ 


Redman.  Large  companies  have  found 
wireless  phones  still  in  use  by  former 
employees  two  to  three  years  after  they 
left,  he  says. 

As  the  cost  of  some  of  these  devices 
rises, companies  not  only  want  to  recover 
them,  but  they  also  want  to  turn  off 
service. 

Let’s  Talk  says  its  annual  service  rate  is 
based  on  the  number  of  employees  that 
access  the  system,  which  is  a  “tiny  percent 
of  a  company’s  overall  wireless  spend.” 
But  the  company  wouldn’t  reveal  pricing. 

Not  for  everyone 

Analysts  say  such  services  are  overkill 
for  some  customers.  Small  and  midsize 
companies  probably  are  better  off  with 
tools  their  carriers  provide,  Redman  says. 
This  is  especially  true  when  a  business 
uses  only  one  provider,  he  adds. 

Hawaii  Home  Loans  took  this  approach. 
The  company,  which  has  fewer  than  60 
employees,  uses  Sprint  PCS  services  exclu¬ 
sively  It  also  uses  the  carrier’s  Web  site  tool 
that  lets  the  mortgage  company  track  indi¬ 
vidual  usage  in  real  time,  says  Leonard 
Loventhal,  senior  vice  president  at  Hawaii 
Home  Loans  in  Honolulu. 

Loventhal  says  he’s  used  Sprint  PCS’ 
management  tool  to  ensure  employees 
use  their  wireless  phones  primarily  for 
business,  but  more  importantly  to  be  sure 
that  each  employee  is  using  the  most 
appropriate  rate  plan.B 
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■  PRODUCTS,  SERVICES  AND  STRATEGIES 
FOR  TYING  TELEWORKERS  TO  THE  ENTERPRISE 


WLAN  security:  A  big  problem  for  small  nets 


Emerging  standards  and  products  aim  to  remedy  the  problem, 


■  BY  JOHN  COX 

Rachel  Metz  opened  her  Apple  iBook  in 
June  to  take  some  notes  at  a  middle  school 
she  was  visiting  in  Palo  Alto,  the  heart  of 
Silicon  Valley 

Upon  bootup,  the  laptops  wireless  LAN 
adapter  picked  up  a  strong  WLAN  signal, 
which  it  displayed  onscreen,  along  with  a 
guest  logon  invitation.  Metz  found  she  had 
access  to  the  Internet,  via  the  school’s  open 
wireless  network. 

But  Metz  wasn’t  just  any  visitor.  She  is  the 
education  reporter  for  the  Palo  Alto  Daily 
News,  and  her  story  about  the  ease  with 
which  she  accessed  the  Palo  Alto  Unified 
School  District’s  network  became  front¬ 
page  news.  On  several  occasions,  Metz 
logged  on  as  a  guest  and  accessed  file 
servers.  In  one  instance  she  accessed  a 
server  that  temporarily  stores  a  variety  of 
information,  including  students’  grades,  ad¬ 
dresses  and  phone  numbers  —  even  some 
psychological  profiles. 

The  WLANs  that  Metz  encountered  are 
typical  of  those  found  in  smaller  organiza¬ 
tions,  and  in  branch  or  home  offices  of  re¬ 
mote  corporate  workers. One  of  the  chief 
causes  of  security  weaknesses  in  small 
WlANs  is  the  lack  of  a  security  infrastruc¬ 
ture  that  is  typical  in  big  companies: 
RADIUS  servers, VPNs,  elaborate  security 
policies  and  so  on. In  the  past, smaller  firms, 
telecommuters  and  the  like  “were  forced  to 
settle  for  security  that  is  flimsy  at  best,” 
Burton  Groups  Michael  Disibato  wrote  in  a 
January  2003  report  “Securing  Wireless 
LANs."The  alternative,  he  writes,  is  investing 


Takes 

■  Netgear  last  week  announced  a 
wireless  firewall  router  and  wireless 
PC  Card  that,  when  used  together, 
have  a  rated  speed  of  108M  bit/sec. 
Built  using  Atheros’  Super  G  technol¬ 
ogy.  the  802.11b/g  network  equipment 
is  designed  to  handle  bandwidth-hun- 
g-  y  entertainment  applications  for 
the  home.  Both  available  this  month, 
the  route>  (WGT624)  costs  $150:  the 
PC  Card  (WG511T)  $90. 


in  costly  infrastructure  improvements. 

Unlike  vendors  of  enterprise  WLAN  prod¬ 
ucts,  small  office/home  office  (SOHO) 
WLAN  vendors  treat  security  as  an  option: 
access  points  and  adapter  cards  ship  with 
security  features  such  as  Wired  Equivalent 
Privacy  (WEP)  turned  off,  and  these  fea¬ 
tures  must  be  activated  deliberately  during 
setup.  Repeatedly  surveys  find  users  don’t 
bother  to  turn  on  WEP  leaving  corporate 
data  on  laptops  and  servers  exposed  to 
even  the  most  casual,  accidental  wireless 
access  of  the  Palo  Alto  schools. 

To  combat  the  problem,  network  execu¬ 
tives  need  to  enforce  the  basics  of  wireless 
and  computer  security  and  keep  abreast  of 
emerging  security  standards  and  products. 
Best  practices  should  include  a  layered 
approach  that  make  it  as  tough  as  possible 
for  outsiders  to  access  the  WLAN  by  acti¬ 
vating  WEP  blocking  Service  Set  Identifier 
(SSID)  broadcasts  and  the  like. 

It’s  widely  known  that  WEP  is  vulnerable 
to  a  skilled  attacker  for  two  reasons.  WEP 
starts  to  repeat  fairly  quickly  the  data  ele¬ 
ments  used  in  the  scrambling  process,  ele¬ 
ments  hackers  can  use  to  decrypt  the  traf¬ 
fic.  And  WEP  doesn’t  automatically  change 
the  shared  key  or  encoder,  used  by  a  group 
of  clients  and  an  access  point,  giving  track¬ 
ers  more  chances  to  crack  the  code. 

Even  so,  WEP  still  slows  down  attackers 
and  prevents  passersby  from  viewing  wire¬ 
less  traffic.  “Things  like  using  WEP  and 
blocking  the  SSID  are  still  important  things 
to  do,”  says  E.J.  von  Schaumberg,  executive 
vice  president  for  WPCS  International,  a 
WLAN  integrator  in  Exton,  Pa. 


■  Bell  Canada,  BellSouth,  SBC  and 

Verizon  recently  announced  support 
for  the  DSLHome  Initiative.  Spear¬ 
headed  by  the  DSL  Forum,  DSLHome 
is  working  to  spur  DSL  adoption  by 
creating  industry  standards  for  resi¬ 
dential  gateways  and  other  home  net¬ 
work  equipment.  At  a  member  meet¬ 
ing  this  week  in  Boston,  the  DSL 
Forum  plans  to  present  a  proposal  for 
delivering  voice,  video  and  data  ser¬ 
vices.  Early  next  year,  the  incumbent 
local  exchange  carriers  plan  to  pre¬ 
sent  a  set  of  asymmetric  DSL  residen¬ 
tial  gateway  requirements. 


Standards  and  products  also  are  emerg¬ 
ing  that  promise  to  boost  WEP’s  security 

WLAN  vendors  are  introducing  products 
that  run  code  for  the  Wi-Fi  Protected  Ac¬ 
cess  (WPA)  specification,  with  a  variation 
called  Pre-Shared  Key,  which  is  designed 
for  SOHO  users.  WPA  is  an  early  version  of 
the  WEP  repair  work  being  done  by  the 
IEEE  802.1  li  Working  Group. 

WPA  improves  data  encryption  with 
Temporal  Key  Integrity  Protocol,  which 
makes  it  much  harder  to  unscramble  data 
encrypted  between  the  client  and  the  ac¬ 
cess  point.  WPA  also  adds  stronger  user  au¬ 
thentication  by  using  the  802. lx  authenti¬ 
cation  standard  and  Extensible  Auth¬ 
entication  Protocol.  Essentially,  the  client 
and  access  point  check  in  with  an  authen¬ 
tication  server,  such  as  RADIUS. 

But  for  SOHO  networks,  where  RADIUS 
servers  and  complex  authentication  infra¬ 
structures  are  rare,  WPA  uses  a  pre-shared 
key  This  key  is  a  password,  the  longer  the 
better,  which  a  user  types  in  for  the  access 
point,  and  each  wireless  client.  The  key 
authenticates  these  devices  to  each  other, 
after  which  the  improved  WPA  encryption 
and  other  safeguards  kick  in. 

Because  Microsoft  now  is  using  WPA  in 
Windows  XP  users  can  run  through  a  series 
of  screens  to  implement  WPA  between  an 
adapter  and  access  point.  Wireless  vendors 
such  as  Linksys  and  Buffalo  Technology  al¬ 
ready  are  shipping  new  access  points  and 
adapter  cards  with  WPA,  and  all  vendors 
are  waiting  for  Wi-Fi  Alliance  WPA  certifi¬ 
cation  testing. 

WLAN  products  typically  can  be  upgrad¬ 
ed  to  WPA.  Users  download  from  vendor 
Web  sites  new  firmware  code  for  the  ac¬ 
cess  point  and  a  new  driver  for  the  adapter 
card,  and  follow  installation  instructions. 

New  products  such  as  Code  Red 
Systems’  AirBlock  software  and  Funk 
Software’s  Odyssey  Server  also  are  aimed 
at  beefing  up  WLAN  security  of  smaller 
networks.  You  install  AirBlock  software  on 
each  client  PC,  type  in  a  password  that 
becomes  the  pre-shared  key, and  AirBlock 
automatically  configures  both  the 
adapter  card  and  the  access  point,  if  they 
have  WPA  code.  If  not,  AirBlock  will 
enhance  WEP  by  rotating  the  encryption 
keys  every  10  minutes.  The  software  also 
can  manage  devices  using  a  mix  of  WEP 
and  WPA.  AirBlock  costs  $40  per  user, 
with  volume  discounts  available. 

Funk's  new  Odyssey  Server  2.0  creates  a 


1.  Activate  basic  security. 

What  to  do:  Follow  WLAN  vendor's 
directions  on  setting  basic  security 
(such  as  WEP)  for  access  point, 
adapter. 

Pros:  It's  simple. 

Cons:  It's  basic;  won't  stop  serious 
attackers. 


2.  Upgrade  hardware. 

What  to  do:  Apply  vendor's  WPA 
firmware  upgrade  and  drivers  as  soon 
as  they're  available. 

Pros:  Stronger  data  encryption; 
authenticates  users. 

Cons:  Some  technical  knowledge 
needed;  might  require  operating 
system  update. 

3.  Consider  basic  management 
software:  Code  Red's  AirBlock. 

What  to  do:  AirBlock  configures 
either  WPA  or  WEP  settings  for 
access  point  and  clients. 

Pros:  It’s  automatic. 

Cons:  Brand-new  product  focused 
on  systems  integrators;  group  policy 
administration  doesn’t  appear  to  be 
part  of  the  package. 

4.  Consider  basic  security 
infrastructure:  Funk's  Odyssey. 

What  to  do:  Load  software  on  PC 
or  server;  training  needed  to  conf  igure. 
Pros:  Simplified  RADIUS  authen¬ 
tication;  alternative  to  VPN;  supports 
range  of  security  standards  and 
protocols. 

Cons:  Systems-level  product,  so 
expertise  needed  to  set  up  and  run; 
requires  802. lx  clients. 


security  infrastructure  based  on  the  IEEE 
802. lx  standard.  Odyssey  is  client  and 
server  software  that  uses  the  access  point 
to  establish  an  authenticated  connection. 

Funk  has  802. lx  software  that  runs  on 
Windows  versions,  and  Odyssey  supports 
several  authentication  protocols.  You  also 
can  buy  the  application  installed  on  a  pre¬ 
configured  server  from  Funk  partner  Net¬ 
work  Engines.  Funk  Odyssey  2.0  costs 
$2,500  for  a  server,  with  25  clients.  ■ 


ISNS  eases  management  of  storage  nets 


HOW  IT  WORKS 


Internet  Storage  Name  Service 

Eliminating  the  need  for  manual  configuration  of 
storage  devices,  iSNS  lets  servers  automatically 
identify  and  connect  to  authorized  storage  resources. 
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©  Clients  register  with  the  iSNS  server. 

©  ISNS  server  places  iSCSI  Server  A  and  iSCSI  Disk  1  into  a  discovery  domain,  and  iSCSI  Server  B  and 
Fibre  Channel  Disk  1  into  another  discovery  domain.  The  iSNS  server  sends  out  state-change  notifications 
to  members  of  the  respective  discovery  domains. 

©  ISCSI  Server  A  connects  to  iSCSI  Disk  1  and  iSCSI  Server  B  connects  to  Fibre  Channel  Disk  1.  ISCSI 
Server  A  and  iSCSI  Server  B  can’t  see  any  targets  outside  of  their  respective  discovery  domains. 


■  BY  PRASAD  PAMMIDIMUKKALA 

Internet  Storage  Name  Service  brings  the 
plug-and-play  capabilities  of  Fibre  Channel 
to  IP  storage  networks.  ISNS  facilitates  auto¬ 
mated  discovery  management  and  config¬ 
uration  of  iSCSI  and  Fibre  Channel  devices 
on  a  TCP/IP  network.  In  a  Fibre  Channel 
fabric, a  simple  name  server  provides  these 
services. 

In  any  storage  network,  servers  (or  initia¬ 
tors)  need  to  know  which  storage  re¬ 
sources  (or  targets)  they  can  access.  One 
way  to  accomplish  this  is  for  an  adminis¬ 
trator  to  configure  each  initiator  manually 
with  its  own  list  of  authorized  targets  and 
configure  each  target  with  a  list  of  autho¬ 
rized  initiators  and  access  controls. But  this 
process  is  time-consuming  and  error- 
prone,  and  accidentally  configuring  multi¬ 
ple  servers  to  access  the  same  storage 
resources  could  be  disastrous. 

An  Internet  storage  name  server  lets 
servers  automatically  identify  and  connect 
to  authorized  storage  resources.  Letting  the 
servers  dynamically  adapt  to  changing 
storage  resource  membership  and  avail¬ 
ability  without  human  intervention  results 
in  even  more  efficiency 

Whereas  a  Fibre  Channel  storage  name 
server  can  handle  only  Fibre  Channel 
devices,  iSNS  can  accommodate  iSCSI 
devices  and  Fibre  Channel  devices  via  the 
Internet  Fibre  Channel  Protocol.  End  nodes 
(initiators  and  targets)  in  an  iSNS  environ¬ 
ment  run  a  lightweight  iSNS  client  that  rep¬ 
resents  the  host  device  to  the  iSNS  server. 

ISNS  provides  the  following  services: 

•  Name  registration  and  discovery  ser¬ 
vices  —  Targets  and  initiators  register  their 
attributes  and  address,  and  then  can  obtain 
information  about  accessible  storage  de¬ 


vices  dynamically 

•  Discovery  domains  and  logon  control 
service  —  Resources  in  a  typical  storage 
network  are  divided  into  groupings 
called  discovery  domains,  which  can  be 
administered  through  network  manage¬ 
ment  applications.  Discovery  domains 
enhance  security  by  providing  access 
control  to  targets  that  are  not  enabled 
with  their  own  access  controls,  while  lim¬ 


iting  the  logon  process  of  each  initiator  to 
a  relevant  subset  of  the  available  targets 
in  the  network. 

•  State-change  notification  service  — 
The  iSNS  server  notifies  relevant  iSNS 
clients  of  network  events  that  could  affect 
the  operational  state  of  storage  nodes. 
Events  such  as  storage  resources  going 
offline,  discovery  domain  membership 
changes  and  link  failure  in  a  network  can 


trigger  state-change  notifications.  These 
notifications  let  a  network  quickly  adapt 
to  changes  in  topology,  which  is  key  to 
scalability  and  availability. 

•  Open  mapping  of  Fibre  Channel  and 
iSCSI  devices  —  The  iSNS  database  can 
store  information  about  Fibre  Channel 
and  iSCSI  devices  and  mappings  between 
the  two  in  a  multi-protocol  environment. 
The  mapped  information  is  then  available 
to  any  authorized  iSNS  client. This  central¬ 
ized  approach  is  open  and  scalable 
instead  of  retrieving  the  mappings  from 
individual  iSCSl-FC  gateways  using  propri¬ 
etary  mechanisms. 

ISNS  clients  discover  the  iSNS  server  or 
servers  using  a  variety  of  mechanisms, 
including  Dynamic  Host  Configuration 
Protocol,  Service  Location  Protocol  and 
broadcast  or  multicast  heartbeat  mes- 
sages.The  iSNS  framework  allows  for  back¬ 
up  iSNS  servers  that  provide  redundancy 
and  failover. 

ISNS  servers  also  can  store  and  distribute 
X.509  public-key  certificates  used  for 
authenticating  iSCSI  storage  nodes  during 
the  logon  process. 

By  facilitating  a  seamless  integration  of 
IP  and  Fibre  Channel  networks,  iSNS  pro¬ 
vides  value  to  any  storage  network  com¬ 
posed  of  iSCSI  and/or  Fibre  Channel  de¬ 
vices.  The  iSNS  specification  is  on  the 
standards  track  with  the  Internet  En¬ 
gineering  Task  Force  IP  Storage  Working 
Group  and  is  expected  to  be  classified  as 
a  proposed  standard  soon. 

Pammidimukkala  is  a  director  of  product 
management  for  Nishan  Systems  and  is  the 
iFCP  subgroup  chair  in  the  SNIA  IP  Storage 
Forum.  He  can  be  reached  at  prasad@ 
nishansystems.  com. 


Dr.  Internet  By  Steve  Blass 

How  can  you  install  a  clean  copy  of  Windows 
2000  or  XP  without  reformatting  the  hard  drive? 

If  your  system  has  enough  free  disk  space  for  a 
second  operating  system,  you  can  reinstall  Win 
2000  or  XP  from  scratch  without  wiping  out  the 
entire  drive.  Clean  up  the  drive  and  make  a  back¬ 
up.  Gather  the  installation  disks  and  files  for  your 
operating  system,  antivirus  software  and  applica¬ 
tions.  Download  the  latest  updates  and  save 
them  to  a  diskette  or  CD.  Use  an  NTFS-capable 


partition  management  utility  (such  as  Bootlt-NG; 
go  to  www.nwfusion.com,  DocFinder:  7426,  for 
more  information)  to  split  an  existing  disk  parti¬ 
tion  to  create  fresh  unformatted  disk  space  on 
your  computer.  Follow  the  instructions  on  your 
partition-manager  software  to  mark  the  new  par¬ 
tition  active.  Shut  down  the  computer  and  reboot 
from  a  write- protected  operating  system  installa¬ 
tion  disk.  Install  a  clean  copy  of  the  operating 
system.  After  installing  it,  test  to  ensure  you  suc¬ 
cessfully  can  restart  the  system  to  boot  the  new 


clean  version  of  the  operating  system.  Install 
your  operating  system  updates,  anti-virus  soft¬ 
ware  and  virus  definitions.  Once  you  are  comfort¬ 
able  that  the  new  installation  starts  correctly, 
you  can  erase  the  Windows  (or  WINNT)  directory 
from  the  old  boot  partition.  Then  reinstall  your 
application  software. 

Blass  is  a  network  architect  at  Change@Work  in 
Houston.  He  can  be  reached  at  dr.internet@chang’ 
atwork.com. 
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Storage  servers,  backups  and  architectures 


Last  week  we  almost  wrapped  up  our 
discussion  of  the  Snap  Server  2200 
from  Snap  Appliance  but  were  left 
with  what  looked  like  a  bug.  And  indeed  it 
was,  as  far  as  can  be  determined,  a  “you’re 
kidding  me,  are  you  sure?  wha’  the?  never 
seen  it  before”  kind  of  thing  that  has  not 
happened  since.  Why  is  it  we  always  get 
these  weird  things  happening  in  the  Gear- 
head  Underground  Highly  Secret  Bunker? 

Anyway,  we  stick  with  our  assessment  of 
the  Snap  Server  2200  as  a  good  work- 
group-level  storage  appliance.  We’d  go  so 
far  as  to  boost  that  to  “excellent.” 

Oh,  but  don’t  expect  td  be  thrilled  with 
the  bundled  Windows  back-up  software 
called  DataKeeper  that  comes  with  the 
Snap  Server.  It  works,  but  it  is  odd.  For 
example,  you  can’t  browse  your  network 
neighborhood  for  a  back-up  destination, 
even  though  you  can  specify  a  network 
server  and  subdirectory  by  typing  the  full 
Universal  Naming  Convention  path. 
DataKeeper  also  has  a  horrible  mecha¬ 


nism  that  enumerates  all  the  files  it  is  sup¬ 
posed  to  back  up,  and  reports  them  as 
errors  if  you  tell  it  to  stop  a  backup  before 
it  finishes.  If  you  do  this  and  the  backup 
involves,  say  10,000  or  more  files,  you 
might  want  to  consider  going  for  coffee,  a 
massage  and  a  haircut  while  it  finishes.  Or 
just  kill  it  off  with  the  task  manager,  which 
is  faster  but  ugly,  ugly,  ugly 

That  said,  the  product  does  do  continu¬ 
ous  real-time  backups  and  is  smart 
enough  to  perform  a  backup  to  local  stor¬ 
age  if  the  network  storage  is  unavailable 
and  then  synchronize  when  it  does 
become  available. 

So  what  have  we  learned  from  this  and 
the  other  storage  servers  we’ve  looked  at? 
To  begin  with,  if  you  are  going  to  use  one 
to  support  a  remote  workgroup  you 
absolutely  need  a  Web  interface  like  the 
Snap  Server’s. 

But  you  absolutely  must  hide  the  storage 
server  behind  a  firewall  unless  the  server 
supports  Secure  Sockets  Layer  (SSL)  or 
Transport  Layer  Security  Otherwise,  don’t 
even  think  of  providing  access  by  for¬ 
warding  Port  80  from  the  firewall  —  it  isn’t 
a  safe  architecture  because  any  weakness 
in  the  server  could  be  exploited  and  a 
wily  hacker  could  “listen  in”  to  discover 
your  server  access  name  and  password. 


...if  you  are  going  to  use 
one  to  support  a  remote 
workgroup  you  absolutely 
need  a  Web  interface  like 
the  Snap  Server's. 

There  are  a  couple  of  solutions.  First,  you 
could  use  a  firewall  that  supports  VPN 
links.  Or  you  could  use  your  Web  browser 
to  make  an  HTTPS  (HTTP  with  SSL)  con¬ 
nection  (which  defaults  to  Port  443)  to  an 
HTTP  proxy  that  can  speak  and  terminate 
SSL.  In  other  words  the  connection  from 
the  browser  through  the  firewall  to  the 
proxy  is  HTTPS,  while  from  the  proxy  to  the 
server  everything  is  HTTPThis  lets  you  de¬ 
fend  your  communications  right  through 
the  firewall  and  change  to  an  unsecured 
connection  where  it  is  safe  to  do  so. 

A  proxy  server  that  you  might  want  to 
check  out  for  this  kind  of  configuration  is 
Http  Bridge  (www.nwfusion.com,  Doc- 
Finder:  7429),  an  open  source  proxy 
released  under  the  Massachusetts  Institute 
of  Technology  license  (go  to  DocFinder: 
7430  for 


Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


Backup  via  one  button 

Maxtor  last  week  launched  a  line  of  external  storage 
hard  drives  that  includes  software  to  let  you  back  up  per¬ 
sonal  data  with  the  touch  of  a  button.  The  Maxtor 
OneTouch  line  includes  Dantz  Retrospect  Express  soft- 

The  Maxtor  OneTouch  backs 
up  personal  data  with  a 
touch  of  the  button. 


ware,  which  handles  disaster  recovery 
and  automatic  backups. 

The  devices  include  capacities  of 
120G  bytes  ($200),  200G  bytes  ($300), 

250G  bytes  ($350)  and  300G  bytes 
($400),  Maxtor  says.  In  addition  to  mak¬ 
ing  back-up  copies  of  files  or  conduct¬ 
ing  automatic  backup,  the  OneTouch 
button  can  be  customized  to  launch 
other  applications  automatically.  For 
example,  touching  the  button  could 
launch  the  music  player  and  start  play¬ 
ing  MP3  files  stored  on  the  device. 

Get  an  iPaq  for  $200 

HP  last  week  launched  a  new  iPaq  Pocket  PC, 
the  h  1935,  which  it  plans  to  sell  for  $200  (after  rebates).The 
device  features  a  color  transflective  display  and  a  thin 
design  that  makes  it  easier  to  put  in  your  pocket. 

The  hi 935  doesn’t  have  embedded  wireless  capabilities, 
but  does  include  a  Secure  Digital  I/O  expansion  slot  that 
lets  a  user  purchase  a  wireless  SDIO  card  from  a  third-party 
vendor.  In  addition,  the  SDIO  slot  can  be  used  for  extra  stor¬ 
age  space  or  memory  or  even  for  a  digital  camera,  such  as 
HP’s  Photosmart  Mobile  Camera. 

The  device  includes  a  rechargeable  and  removable  bat¬ 
tery  that  HP  says  offers  up  to  eight  hours  of  life.  An  option¬ 
al  USB  synchronization  cradle/charger  lets  users  recharge 
the  pocket  PC  and  a  spare  battery  simultaneously 

The  device  runs  on  the  Windows  Mobile  2003  software 
for  Pbcket  PC,  has  a  Samsung  203-MHz  processor,  64M 
bytes  of  SDRAM  (56M  bytes  of  main  memory)  and  a  color 
display  that  shows  more  than  64,000  colors.  It  weighs  4.46 
ounces  and  measures  4.46  by  2.75  by  0.5  inches. 

Two  Toshiba  projectors 

Toshiba’s  Computer  Systems  Group  last  week 
announced  two  ultra-portable  projectors,  the  TLP-S10U 


more  information). 

Http  Bridge  is  written  in  Java  and 
requires  the  Tomcat  Java  servlet  container 
(in  other  words,  an  application  server  that 
runs  Java  servlets  —  see  DocFinder: 
7431).  Note  that  this  combination  —  Http 
Bridge  and  Tomcat  —  can  be  run  on 
Windows,  Linux  or  pretty  much  any  plat¬ 
form  that  supports  Java. 

That  wraps  it  up  for  the  Snap  Server 
2200,  but  before  we  head  off  we’d  like  to 
note  some  comments  from  reader  Doug 
Porter  regarding  our  recent  columns  on 
Samba  (DocFinder:  7432).  He  points  out 
that:  1)  You  only  need  WINS  for  Windows 
98  and  95  clients  that  connect  to  existing 
resources  within  the  Windows  NT  envi¬ 
ronment;  2)  Win  98  machines  can  use 
DNS  and  Active  Directory  “lookups”  to 
replace  the  functionality  WINS  provides; 
and  3)  Windows  2000  training  materials 
indicate  that  Windows  clients  running 
2000,  XP  or  later  no  longer  use  WINS,  but 
rather,  DNS. 

Yep,  Doug,  this  is  the  usual  mess  that 
makes  companies  throw  up  their  hands 
and  upgrade  just  to  try  to  stay  out  of  trou¬ 
ble.  It  never  quite  keeps  you  out  of  trouble, 
but  it  won’t  get  you  fired. 

Points  to  gearhead@gibbs.com. 


HP's  hi  935  is  the  least  expensive 
iPaq  so  far. 

and  TLP-S41U.The  projectors,  available 
now,  are  aimed  at  small  and  midsize 
businesses,  mobile  travelers  and  the 
education  market. 

The  TLP-S10U  costs  $999  and  weighs 
4.8  pounds.  It  includes  a  brightness  of 
1,200  lumens,  has  a  400:1  contrast  ratio, 
and  supports  SVGA  (800-by-600-pixel) 
resolution. 

The  TLP-S41U  weighs  6.1  pounds, 
comes  with  a  detachable  document 
camera,  and  offers  1,600  lumens  of 
brightness,  a  400:1  contrast  ratio,  automatic 
keystone  correction  and  native  SVGA  support. 
TheTLP-S41U  costs  about  $1,800. 

D-Link  wants  to  help  hot-spot  providers 

D-Link  Systems  last  week  launched  a  wireless  hot-spot 
gateway  that  includes  a  firewall,  Dynamic  Host  Config¬ 
uration  Protocol  server  and  router  features  for  public  and 
private  broadband  Internet  access  in  one  device. 

The  D-Link  Airspot  DSA-3100  ($600)  is  aimed  to  pro 
vide  an  “out  of  the  box" solution  for  companies  that  want 
to  provide  wireless  LAN  access,  D-Link  says.  It  includes 
the  ability  to  control  up  to  250  public  user  accounts 
while  managing  a  private  LAN  for  employees  behind  the 
firewall. 

Other  features  include  key  management,  audit  trail 
capabilities  and  a  Web-based  configuration  menu. 

The  gateway  automatically  can  configure  a  customer's 
laptop  or  PDA  to  the  network,  and  directs  the  Web  browser 
to  a  customized  Web  site  to  log  on.The  gateway  owner  can 
track  time,  monitor  sites  being  visited,  block  unwanted 
sites  and  limit  bandwidth. 

Shaw  can  be  reached  at  kshaw@nww.com. 


Complimentary  Event  for  Network  and  IT  Professionals  Only! 
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September  3, 2003  ►  New  \brk,  NY 
September  4, 2003  ►  Atlanta,  GA 
September  23, 2003  *  Houston,  IX 
September  25, 2003  »  San  Jose,  CA 


WHAM!  Wireless  has  exploded.  Your  options?  Staggering.  Opportunities?  Endless.  But 
beware. ..danger  abounds!  One  wrong  decision  could  expose  your  data.  Weaken 
your  security.  Degrade  network  performance.  And  drain  profits  enterprisewide. 

Are  you  ready  to  make  crucial  decisions  that  just  won't  wait?  Join  us  for  Wireless  LANs: 
Smart  Growth  for  802.11  Networks  a  new  Network  World  Technology  Tour  event.  Discover 
the  relative  advantages  of  802.11  g,  b  and  a  standards.  The  sudden  advances  in  wireless 
roaming.  The  hidden  risks  of  wireless  voice  and  video.  The  real  reasons  behind  the  push  to 
WPA  protocols.  And  the  crucial  role  of  3G  in  the  wireless  arena. 

Let's  face  it,  wireless  is  hot.  But  that  just  puts  more  heat  on  you.  So  don't  miss  this  exclusive 
event.  Harness  the  power  of  today's  802.1 1  explosion  and  put  it  to  work  for  the  future  of 
your  enterprise. 

Advance  Reservation  by  Qualified  Professionals  is  Required 
for  Complimentary  Attendance 

REGISTER  NOW! 

Online  at  www.nwfusion.com/events/wlan2 
or  call  1-800-643-4668 


KEYNOTE  SPEAKER 
Tom  Henderson 

Principal  Researcher,  Extreme  Labs,  Inc. 
Member,  Network  World's  Global  Test 
Alliance 


►  CIOs 

►  IT/IS  managers/directors/executives 

►  Network  and  security  architects 

►  Network  and  security  managers 

►  Systems  managers/administrators 

►  LAN/WAN  administrators 


►  latest  on  developing  802.11  standards 

►  optimum  techniques  for  deploying  WLANs 

►  most  effective  wireless  security  solutions 

►  leading  applications  for  WLANs 

►  strategies  that  overcome  structural 
interference 


This  event  is  limited  to  Network  and  IT 
professionals  involved  in  the  evaluation, 
purchase  and  implementation  of  wireless 
LAN  products  and  services. 
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To  join  sponsors  of  this  premier  Network  World  Event,  please  contact  Andrea  D' Amato  at  508-490-6520  or  adamato@nww.com  for  free,  no-obligation  information 
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EDITORIAL 

John  Dix 

Showdown  set 
for  fall  VON 
in  Boston 


For  our  fourth  Network  World  Showdown  at  the  Voice 
on  the  Network  conference  —  this  one  Sept.  23  in 
Boston  —  we  challenged  a  handful  of  IP  PBX  ven¬ 
dors  and  IP  Centrex  service  providers  to  come  mix  it  up 
in  a  presidential-style  debate.  All  have  accepted. 

Our  lineup  will  include:  Ciscos  Bill  King,  manager  of  tech¬ 
nical  marketing;  Avaya’s  Danzil  Samuels,  vice  president  of 
the  service  provider  division;  Nortel’s  Tony  Pereira,  director 
of  Enterprise  Solutions  Marketing;  GoBeam’s  Jeff  Stern,  exec¬ 
utive  vice  president  and  co-founder;  and  M5  Networks’  Phil¬ 
lip  Kim, CFO  and  director  of  research  and  development. 

The  first  three  are  household  names,  but  GoBeam  and 
M5  might  need  some  introduction.  GoBeam  offers  what  it 
calls  a  virtual  PBX  service  through  a  string  of  local  deal¬ 
ers,  and  wholesales  service  through  some  big  names  like 
Verizon.  M5  offers  what  it  calls  a  Managed  Telecom 
Sendee,  primarily  in  the  New  York  area. 

We  won’t  pit  the  Centrex  camp  against  the  customer 
premises  equipment  (CPE)  suppliers  as  we  did  last 
October  at  VON,  but  simply  treat  all  comers  as  potential 
solution  providers.  Even  though  IP  Centrex  is  still  only 
available  on  a  limited  basis,  it  is  gaining  momentum  and 
should  be  considered  by  enterprise  customers  as  a  viable 
alternative. 

One  of  the  beauties  of  voice  over  IP  (VoIP),  after  all,  is  it 
doesn’t  much  matter  where  the  call  controller  is  on  the  IP 
network. That  means  telephone  companies  can  host  the 
servers  and  offer  managed  services  that  rival  the  benefits 
of  CPE-based  offerings. 

Besides  relieving  customers  of  basic  management 
responsibilities,  hosted  services  offer  a  better  disaster/sur¬ 
vivability  story  because:  1)  the  controller  is  off-site;  and  2) 
telco  central  offices  have  about  as  many  built-in  safety 
features  as  you  can  get.  What’s  more,  with  IP  Centrex,  cus¬ 
tomers  can  wipe  their  hands  of  upgrade  hassles  and  ver¬ 
sion  control  problems. 

IP  PBXs  offer  their  own  advantages,  of  course  —  you 
can  migrate  more  gradually  and  IP  PBXs  can  be  used 
with  a  range  of  service  providers  —  but  the  point  is  that 
VoIP  levels  the  playing  field.  It  is  time  to  examine  both 
options  when  an  upgrade  is  in  order. 

As  in  previous  VON  Showdowns,  yours  truly  and  co-host 
Mike  Hommer,  manager  of  consulting  for  Miercom.will 
open  the  session  by  posing  questions  to  individual  ven¬ 
dors.  Then  Hommer  and  1  will  play  referee,  letting  vendors 
question  each  other,  and  then  we’ll  open  it  up  for  ques¬ 
tions  from  the  audience. 

Hope  to  see  you  at  the  show:  Sept.  22-25  at  the  Hynes 
Convention  Center  in  Boston  (www.von.com). 


—  John  Dix 
Editor  in  chief 
jdix@nww.com 


Patch  problem 

Regarding  “Patch  management  burdens  custo¬ 
mers”  (www.nwfusion.com,  DocFinder:  7423): 
Having  tried  several  commercial  patch  products 
and  purchased  the  St.  Bernard  application,  I  have 
found  one  major  problermThere  is  no  way  to  set  up 
a  patch  repository  for  remote  WAN  sites.  To  patch 
my  company’s  remote  site  for  Windows  2000  SP4, 1 
have  to  send  that  124M-byte  file  over  the  slow  WAN 
link  to  every  workstation  instead  of  being  able  to 
designate  a  remote  location. 

Dave  Mackler 
MIS  administrator 
Mesa  Developmental  Services 
Grand  Junction,  Colo. 

Spam  solutions 

Regarding  Mark  Gibbs’  “Backspin”  column  “Solving 
the  spam  equation”  (DocFinder:  7424):  I  have  long 
felt  that  spam  (and  pop-ups  and  spyware)  are  more 
than  nuisances,  they’re  expenses  most  people  fail 
understand.  Many  of  us  have  seen  customers  forced 
to  purchase  additional  bandwidth  and  expensive 
upgrades  for  PCs  and  mail  servers  to  deal  with  this 
phenomenon,  not  to  mention  service  required  to  fix 
problems  caused  by  poorly  written  spyware. 

After  finding  so  much  to  agree  with,  imagine  my 
surprise  at  reading  Gibbs’ woefully  poor  second  sug¬ 
gestion  for  dealing  with  spam:  new  laws. 

We  do  not  need  politically  inspired  laws  to  curb 
spam;  it’s  not  just  a  bad  idea,  but  probably  an 
unworkable  one.  In  the  Internet  age,  an  e-tailer  or 
Web  site  can  be  produced  and  housed  anywhere  in 
the  world;  thus,  an  e-tailer  or  Web  site  outside  the  U.S. 
probably  would  be  unaffected.  Those  spammers 
within  the  U.S.  probably  would  challenge  any  such 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief,  Network  World,  1 18  Turnpike  Road,  Southborough,  MA  01 772. 
Please  include  phone  number  and  address  for  verification. 


laws  on  First  Amendment  grounds.  They  stand  a 
good  chance  of  being  successful. 

Beyond  that, in  the  age  of  modern  terrorism, do  we 
need  our  law  enforcement  wasting  resources  chas¬ 
ing  spammers?  As  Americans  worry  and  fret  over 
taxes  and  budget  deficits,  do  we  want  to  create  a 
new,  big,  wasteful,  government  bureaucracy  to  mon¬ 
itor  and  enforce  compliance  with  such  laws? 

No,  the  best  solution  is  simply  not  to  reward 
spam.  Don’t  do  business  with  companies  that  use 
or  promote  it,  and  let  them  know  why.  Filter  it  in 
corporate  environments.  Find  the  e-mail  addresses 
of  the  site  owners  and  put  them  on  spam  lists. 

Americans  always  have  felt  government  should  be 
minimally  invasive  in  our  lives,  and  should  not  be 
looked  on  to  solve  every  petty  annoyance  we  suffer. 
The  Internet  should  not  change  this  philosophy 

Dave  Koffman 
President 
MOC  Consulting 
Wappingers  Falls,  N.Y 

As  a  corporate  Webmaster  in  charge  of  seven  divi¬ 
sional  sites,  I  get  a  lot  of  spam.  In  the  nine  days  I  was 
out  on  vacation  this  summer,  I  received  648  spam 
messages  and  12  valid  messages. 

The  best  filter?  If  you  shunt  any  HTML-encoded 
message  into  a  folder  marked  “spam?” you  will  catch 
90%  to  95%  of  all  spam  with  a  better  than  99%  accu¬ 
racy  Such  a  filter  will  catch  a  few  newsletters,  but 
they  are  generally  no  great  loss.  I  have  never 
received  a  valid  HTML-encoded  message  that 
gained  anything  from  the  coding,  nor  an  HTML  mes¬ 
sage  with  information  I  could  not  afford  to  lose. 

If  all  business  and  personal  correspondence  were 
in  ASCII  plain  text  or  mime  encoded,  the  spammers 
would  be  caught  between  a  rock  and  a  hard  place: 
If  they  use  HTML,  it  goes  to  trash;  if  they  use  plain 
text,  corporate  filtering  becomes  more  effective. 

Eric  Kratschmer, 
Southampton,  Pa. 


More  online!  www.nwfusion.com  Find  out  what  readers  are  saying  about  these  and  other  topics.  DocFinder.  7421 
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VENTURE  OVER  THE  HORIZON 

David  Ladd 

The  early  use  of  Internet  protocols  and 
Ethernet  for  inexpensive,  international 
phone  calls  exposed  the  problems  of 
relaying  voice  over  a  network  designed  for 
data.  Voice  quality  was  poor  because  the 
Internet's  asynchronous  structure  is  not  suited 
for  the  synchronous  nature  of  voice.  However, 
as  Internet  capacity  has  grown  and  standards  have  evolved,  good-qual¬ 
ity  voice  over  IP  has  become  easier  to  achieve.The  growth  in  intranets, 
which  can  be  managed  for  higher-quality  voice, also  has  helped  propel 
the  use  of  VoIP 

While  bypassing  toll  charges  is  still  one  of  the  attractions  of  VoIP  ser¬ 
vices,  what  is  driving  the  acceptance  ofVoIP  is  the  rich  applications  that 
converged  data,  voice  and  video  make  possible. The  ability  to  integrate 
data  and  voice  traffic  onto  one  network  not  only  reduces  the  total  cost 
of  ownership  of  that  network,  but  also  enables  various  network  ele¬ 
ments,  including  call  servers,  application  servers  such  as  voice  mail 
storage  and  client  devices,  to  be  more  easily  integrated. 

This  merging  of  voice  and  data  networks  is  driving  what  eventually 
will  be  a  multibillion-dollar  transition  in  the  voice  telecom  infrastruc¬ 
ture.  While  VoIP  is  a  fraction  of  the  U.S.  telecom  industry  it  is  growing 
rapidly  North  American  wholesale  VoIP  sales  were  estimated  to  be  well 
over  $400  million  in  2002,  Gartner  says.  Total  equipment  purchases  of 
VoIP  gateways,  softswitches  such  as  IP  PBXs  and  VoIP  application 
servers  are  expected  to  reach  almost  $12  billion  by  2006,  according  to 
Frost  and  Sullivan  —  a  sixfold  increase  over  2001. 

Many  developing  countries  are  jumping  to  VoIP-based  technology 


VoIP  drives  network  makeovers 


both  wired  and  wireless,  to  build  modern  communications  infrastruc¬ 
tures.  VoIP  also  is  one  of  the  hottest  communications  technologies 
being  adapted  for  transmission  over  broadband  technologies  such  as 
cable  and  DSL. 

For  investors,  the  rate  of  growth  in  infrastructure  equipment  is  excit¬ 
ing.  Mayfield  has  invested  in  several  companies  that  hold  promise. 
Convedia  is  a  supplier  of  media  servers  that  provide  voice  processing 
for  services  such  as  conferencing  and  voice  mail.Sylantro  has  devel¬ 
oped  carrier-class  application  servers  for  deploying  IP  Centrex  and 
hosted  PBX  services. 

Also  attractive  to  Mayfield  from  an  investment  standpoint  are  the  fea¬ 
tures  and  services  that  VoIP  will  make  possible.  Nuasis  is  a  software 
company  that  has  developed  an  end-to-end,  IP-based  system  for  the 
emerging  IP  contact  center.  Its  product  consolidates  the  routing  of  cus¬ 
tomer  phone  calls,  e-mails  and  Web  contacts  on  one  platform  for 
improved  customer  service  and  contact  handling.  And  Orative  is  using 
VoIP  technology  to  improve  mobile  voice  communications  for  enter¬ 
prise  users  through  intelligent  calling. 

It  will  take  time  for  user  companies  and  service  providers  to  move 
from  their  legacy  equipment  and  support  systems.  However,  keep  an 
eye  out  for  products  and  technologies  that  will  let  you  migrate  to  VoIP 
in  a  way  that  will  protect  your  existing  technology  investments.  Clinging 
to  technologies  based  on  the  public  switched  telephone  network  will 
ultimately  limit  your  company’s  competitiveness. 


What  is  driving 
the  acceptance 
of  VoIP  is  the  rich 
applications  that 
converged  data, 
voice  and  video 
make  possible. 


Ladd  is  a  general  partner  with  Mayfield,  a  venture  capital  firm  in  Menlo 
Park,  Calif.  He  can  be  reached  at  dladd@mayfield.com. 


YANKEE  INGENUITY 

Howard  Anderson 

You  should  see  my  office.  It’s  littered  with 
blow-ups  of  “Dilbert”  cartoons  —  some 
of  which  I  have  blown  up  to  2  feet  by  6 
feet. The  longer  1  am  in  this  business,  the  more 
I  am  absolutely  certain  that  Scott  Adams 
(Dilbert’s  creator)  and  sometimes  Gary 
Trudeau  (of  “Doonesbury”  fame)  are  the  only  people  who  get  it.  Let’s 
face  it:  Our  industry  is  nuts. 

SBC  is  losing  1.8  million  telephone  lines  a  year  in  California,  as  AT&T, 
the  new  MCI  and  a  host  of  cable  companies  take  its  business.  The 
European  telecom  companies  spent  $150  billion  for  3G  licenses,  built 
out  their  systems  and  now  are  having  a  price  war  because  of  overca¬ 
pacity  360networks  sells  its  fiber  backbone  for  2%  of  what  the  company 
paid  for  it.  Everyone  acts  surprised  when  excess  capacity  causes  steep 
discounts.  Duh  . . .  what  do  they  expect? 

Rick  Roscitt  goes  from  AT&T  (carrier)  to  ADC  Telecom  (hardware)  to 
MCI  (carrier).  Dick  Notebaert  goes  from  running  Ameritech  (carrier)  to 
Tellabs  (hardware)  to  Qwest  (carrier).  Dave  Dorman  goes  from  Sprint 
(carrier)  to  PacBell  (carrier)  to  FbintCast  (start-up),  then  to  Concordia 
(joint  venture)  and  to  AT&T  (carrier).  Ron  LeMay  goes  from  Sprint  (car¬ 
rier)  to  Waste  Management  (waste  management  services)  and  back  to 
Sprint  —  where  he  gets  fired  for  taking  the  financial  advice  of  the  firm’s 
auditors,  who  themselves  get  fired.  Gerry  Levin  goes  from  running  Time 
Warner  to  being  bought  by  AOL  to  getting  fired,  and  now  the  company 
wants  to  change  its  name  back  to  just  Time  Warner  because  the  AOL 
name  reminds  people  of  what  screw-ups  they  are.  A  few  of  my  friends 
have  not  only  gotten  fired, they  are  going  to  jail.Talk  about  adding  insult 
to  injury 

Tell  me,  is  this  the  nuttiest  industry  you  ever  saw? 

Let  me  tell  you  about  one  of  the  brighter  types.  Dan  Smith  runs 
Sycamore,  which  a  few  years  ago  was  worth  $51  billion  and  now  is 
worth  $1.1  billion.  When  things  were  nuts  as  a  bunny.  Smith  went  out 
and  raised  $1  billion  in  cash.  When  reality  hit  (read:  no  customers), 


The  gospel  according  to  Dilbert 


Smith  pulled  in  his  horns  so  now  he  loses  “only”  $10  million  a  year. 
When  people  complain,  he  answers  that  at  this  rate,  he  should  worry 
because  in  100  years  he  will  be  out  of  money  A  few  years  ago,  when 
Dan  and  Desh  Deshpande  were  running  Cascade,  they  sold  out  to  Rob 
Ryan  and  Ascend  for  $3.7  billion  when  they  had  a  bad  quarter.  In  real¬ 
ity  their  venture  capitalists  panicked.  Ascend,  which  had  nothing  of 
note  technologically  in  its  own  tank,  then  sold  the  whole  company  to 
Lucent  for  —  hold  your  breath  —  $20  billion.  So  this  time  at  Sycamore, 
Smith  decided  that  not  only  can  he  handle  one  bad  quarter  with  a  bil¬ 
lion  in  the  bank,  he  can  handle  400  bad  quarters. 

Did  I  mention  that  this  industry  is  nuts? 


Tell  me,  is  this 
the  nuttiest 
industry  you  ever 
saw? 


Anderson  is  senior  managing  director  of  YankeeTek  Ventures,  a 
Cambridge,  Mass.,  venture  capital  fund  for  early-stage  technology  com¬ 
panies.  He  can  be  reached  at  handerson@yankeetek.com. 
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CHECK  IT  OUT 

Traditional  check  clearing  system 


BankY  customer 
sends  check  to 
electric  company. 


Electric  company 
deposits  check 
with  Bank  X. 


Bank  X  credits  custo 
mer  account  pending 
clearance  of  check. 


Bank  X  sends  check  to 
BankY  for  payment. 


BankY  debits  customer 
account  and  forwards 
payment  to  Bank  X. 


Elapsed  time:  three  to  14  days. 


BankY  customer 
sends  check  to 
electric  company. 


Banks  are  replacing  paper-clogged,  check-clearing  systems 
with  electronic-imaging  networks,  saving  an  estimated 
$2  billion  annually. 


■  BY  PETER  RUBER 

With  the  labor-intensive  and  somewhat-antiquated  system  in  place  today  at 
most  banks,  it  can  take  anywhere  from  three  days  for  a  local  check  to  14  days 
for  an  out-of-state  check  to  clear. 

But  a  consortium  of  banks  that  handles  about  60%  of  the  nations  checks  is 
switching  to  a  check-imaging  network  that’s  expected  to  slash  check-clearing 


times  to  less  than  24  hours. 

Not  only  is  check  imaging  faster  and  more  reliable  than 
the  old  distribution  method,  but  it  also  will  save  the  bank¬ 
ing  industry  an  estimated  $2.1  billion  annually  and  go  a 
long  way  toward  reducing  the  estimated  $21  billion  lost 
through  fraudulent  checks  schemes,  according  to  Hank 
Farrar,  president  and  CEO  of  Small  Value  Payments 
Company  (SVPCo). 

If  you’ve  ever  wondered  why  your  local  bank  puts  a 
three-  or  five-day  hold  on  a  personal  check  that  you 
deposit  into  your  account,  it  all  boils  down  to  a  slow  and 
inefficient  check-clearing  network. 

When  you  deposit  a  check,  your  bank  doesn’t  receive 
payment  until  the  bank  from  which  the  check  was  writ¬ 
ten  physically  receives  the  check  and  processes  it. 

That  means  every  bank  has  to  sort  the  checks  it  takes  in 
every  day  and  deliver  those  checks  to  a  clearinghouse. 
SVPCo,  a  New  York  clearinghouse  owned  by  22  of  the 
nation’s  largest  banks,  handles  an  estimated  100  million 
checks  every  business  day. 

In  New  York  City,  for  example,  SVPCo  has  two  offices, 
where  a  messenger  from  a  particular  bank  drops  checks 
on  the  appropriate  tables  of  member  banks  and  picks 
up  the  boxes  of  checks  other  banks  have  left  on  his 
bank’s  table. 

Farrar  adds, “Checks  drawn  on  Wells  Fargo  [in  San 
Francisco]  will  be  put  aboard  a  plane  or  be  given  to 
another  bank  that  moves  paper  across  the  country” 

When  checks  finally  are  delivered  to  a  bank's  data  pro¬ 


cessing  center,  they  are  run  through  a  reader/sorter 
machine,  which  captures  the  microdata  at  the  bottom  of 
the  checks.  Bank  of  America  has  to  maintain  12  regional 
data  processing  centers  with  thousands  of  clerks  who 
process  payments. 

Imaging  to  the  rescue 

Image  technology  will  change  this  dramatically 
because  paper  will  go  through  a  reader/sorter  only  once, 
and  the  image  of  the  check  will  be  transmitted  electroni¬ 
cally  to  the  appropriate  bank  over  a  private  IP  network, 
according  to  John  Dunn,  the  SVPCo  project  manager. 

Databases  maintained  by  SVPCo  and  other  check  clear¬ 
inghouses  also  will  become  central  repositories  for 
closed  or  dead-end  checking  accounts.  If  incoming 
checks  cannot  be  matched  to  valid  accounts,  they  could 
be  checked  promptly  online  against  a  fraudulent  check 
database.lt  is  hoped  that  early  detection  of  bounced 
checks  will  save  banks  and  customers  considerable 
headaches  and  money. 

Sterling  Commerce,  a  subsidiary  of  SBC,  is  developing 
the  software  that  will  drive  check  imaging.This  is  an 
80/20  technologyf  Farrar  says.“Eighty  percent  already 
exists;  20%  will  be  new” 

Among  the  new  components  is  a  distributed  traffic  agent 
(DTA)  that  will  create  check  images  for  presentment  and 
will  capture  the  microdata  that  paying  banks  can  use  to 
automate  the  debit  process.  Sterling’s  technology  was 
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selected  because  itsVectorCapture  and 
DirectConnect  software  has  been  in  use 
by  many  of  the  top-tier  banks  and  has  a 
solid  track  record. 

Digitizing  checks 

Several  of  the  top-tier  banks  launched 
the  move  to  check  imaging  several 
years  ago,  while  SVPCo  and  the  Federal 
Reserve  Board  worked  on  specifica¬ 
tions  for  an  industry-wide  standard. 
Those  details  were  incorporated  in 
the  Check  Truncation  Act  that  both 
houses  of  Congress  approved  June  30. 
Minor  differences  between  the  two  ver- 


Imagine  that 

SVPCo  estimates  that  the  front 
and  back  images  of  each  check 
will  be  contained  in 

40K  bytes. 


sions  are  being  resolved  before  the 
final  draft  is  presented  to  President 
Bush  for  signature. 

To  help  make  this  a  universal  process 
that  also  includes  smaller  banks,  SVPCo 
is  working  with  Fiserv,  a  Brookfield, 

Wis.,  outsourcer  that  acts  as  a  clearing¬ 
house  and  data  processor  for  1,700 
community  banks. 

“Fiserv  is  going  to  make  this  solution 
very  broad,”  says  Rian  Maloney  vice  pres¬ 
ident  of  imaging  for  Sterling  Commerce. 
“Fiserv  is  going  to  look  like  one  large 
bank,  but  it  will  have  thousands  and 
thousands  of  endpoints  —  branches. 
Consumers  and  companies  will  be  able 
to  view  their  online  checking  accounts 
and  confirm  the  overnight  clearance  of 
checks  they’ve  deposited,  regardless  of 
where  in  the  country  those  checks  were 
presented. That’s  all  going  to  happen 
within  12  months.” 

Building  the  imaging  network 

The  DTA  server  that  will  move  check 
images  to  other  banks  will  run  the 
Windows  2000  operating  system  and  the 
SQL  database,  SVPCo ’s  Dunn  says.  All  par¬ 
ticipating  banks  will  run  similar  systems, 
except  the  community  banks  whose 
servers  Fiserv  will  host. 

For  some  smaller  banks  that  will  not  be 
in  a  position  to  implement  check  imag¬ 
ing  during  the  early  stages  of  the  rollout, 
SVPCo  has  created  an  image  replace¬ 
ment  document.  According  to  the  Check 
Truncation  Act,  all  banks  will  have  to 
honor  either  imaged  check  or  the  image 
replacement  document  instead  of  paper 
checks. 

SVPCo’s  banks  slowly  have  been  adding 
cameras  to  their  reader/sorters  over  the 
past  two  years  to  automatically  photo¬ 
graph  the  front  and  back  of  each  check  as 
it  goes  through  the  machine. 

SVPCo  is  laying  the  foundation  for  a 
private  IP  network  that  will  “allow  every¬ 


one  to  leverage  existing  connections  to  a 
local  hub  that  will  connect  to  the  SVPCo 
‘cloud’  managed  by  a  service  provider,” 
Dunn  says. 

Bob  Hunt, senior  research  analyst  for  the 
Tower  Group, says  the  network  will  be  put 
together  very  quickly.“It  won’t  be  as  com¬ 
plicated  as  most  people  think. What  it 


needs  is  high-speed  telecommunications. 
And  since  they’re  not  going  out  to  cus¬ 
tomers  via  the  Internet,  the  high-speed  net¬ 
works  banks  are  tied  into  today  will  work 
just  fine,”he  says. 

VPN  software  from  Sterling  Commerce 
will  provide  security  for  the  network. 

The  plan  calls  for  an  eight-bank  trial  run 


in  the  fourth  quarter  of  2003,  with  the  roll¬ 
out  to  the  remaining  banks  and  the  Fiserv 
group  of  community  banks  in  the  first 
quarter  of  next  year. 

Ruber  is  a  freelance  writer  in  Oakdale . 
N.Y.He  can  be  reached  at  pruber@ 
prodigy.net. 
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■  BY  KEITH  SHAW 


A  sluggish  economy  hasn’t  stopped  a  lot  of  device  manufacturers  from  pro¬ 
ducing  new  cool  gadgets  and  gizmos.They’ve  released  so  much  stuff  that 
we’ve  got  a  backlog  at  the  Cool  Tools  Testing  Zone,  and  the  gracious  edi¬ 
tors  of  this  magazine  have  granted  some  space  to  do  a  roundup.  So  here’s 
what’s  been  clogging  the  desk  space  and  office  shelves  recently: 


PDAs,  phones  and  “convergence" 

The  world  of  the  PDA  has  changed  significantly  in  the  past  few  months. 
No  longer  can  a  device  be  “unconnected.”  All  new  devices  need  some 
method  of  connecting  wirelessly  to  the  Internet.  How  the  device  con¬ 
nects,  and  its  level  of  success,  makes  the  difference. 

On  the  mobile  phone  side,  wide-area  connectivity  is  the  name  of  the 
game.  Data  connectivity  doesn’t  seem  to  be  a  big  selling  point;  most  of 
the  new  phones  are  all  about  imaging  via  embedded  digital  cameras.The 
Nokia  3650  is  one  such  phone, and  we  finally  got  our  hands  on  it.This 
phone  also  has  a  different  style  keypad,  which  has  its  numbers  and  let¬ 
ters  go  around  in  a  circle.  It  doesn’t  take  too  long  to  adjust. 

The  camera  images  are  what  you’d  expect  from  a  VGA  camera:  There’s 
no  auto-focus, and  you’d  never  want  to  print  these  pictures  and  put  them 
in  a  frame.  For  e-mailing  and  posting  on  a  Web  site,  however,  they’ll  do 
fine. We  had  some  issues  trying  to  send  images  via  Multimedia  Message 
Service  to  an  e-mail  address, so  it  will  help  if  you’re  an  expert  on  MMS  (or 
send  to  another  phone  with  MMS  capabilities). 

On  the  PDA  front  are  two  new  devices:  the  Palm  Tungsten  T2  and  the 
HP  iPaq  h5550.  For  network  connectivity  the  T2  connects  via  Bluetooth, 
while  the  h5550  has  embedded  wireless  LAN  (802.11b)  connectivity 

TheT2  is  an  upgrade  from  the  Tungsten  T  PDA  that  Palm  launched  last 
year,  with  more  features  (MP3,  video  player)  found  on  the  Zire  handheld. 
It  also  has  32M  bytes  of  memory  an  upgrade  from  the  16M  bytes  found 
on  the  Tungsten  T.  It  costs  less  than  the  Tungsten  C  (WLAN)  or  Tungsten 
W  (WAN),  but  more  than  the  Zire. With  the  T2,  Palm  now  has  different 
steps  on  which  PDA  to  buy  based  on  your  connection  needs  or  price. 

The  h5550  includes  the  new  Microsoft  Pocket  PC  2003  operating  sys¬ 
tem,  which  is  supposed  to  make  connecting  to  a  WLAN  easier  than  previ¬ 
ous  devices.  Anyone  with  an  older  Backet  PC  who  tried  to  connect  to  a 
WLAN  knew  the  pain  it  involved. While  it ‘s  a  bit  easier,  the  process  still 
requires  tapping  through  many  menus,  more  than  we’d  prefer. The  WLAN 
connectivity  is  still  easier  with  a  Tungsten  C. 

Then  there’s  the  latest  “converged  device,”  which  combines  all  your 
mobile  features  into  one  device.  At  first  glance,  the  Sprint  PCS/Hitachi 
G1000  looks  overwhelming. You  definitely  wouldn’t  use  this  as  your  pri¬ 
mary  cell  phone,  but  you  might  replace  your  laptop  with  the  G1000 
because  of  all  its  functions.The  G1000  combines  a  Pocket  PC,  a  cell 
phone,  a  digital  camera  and  wireless  e-mail  system  into  one  device. The 
Pocket  PC  operating  system  lets  you  view  and  edit  Office  documents  on 
the  go,  and  the  embedded  keyboard  lets  you  craft  longer  e-mails  or  mes¬ 
sages  than  you  would  with  a  normal  cell  phone  keypad.The  embedded 
camera  takes  pictures  with  VGA  quality  so  if  you  need  pictures  of  higher 
quality  you  still  might  need  a  digital  camera.  Still,  for  enterprise  workers 
who  need  only  to  document  things  with  pictures  that  can  be  of  e-mail  or 
Web  site  quality,  the  camera  on  the  G1000  works  fine. 

The  G1000  works  on  Sprint’s  Code  Division  Multiple  Access  lx  network, 
so  data  rates  are  equivalent  to  a  dial-up  56K  bit/sec  connection  on  aver¬ 
age  (still  faster  than  the  dark  ages  of  Cellular  Digital  Packet  Data).  If  you 
can  get  over  the  size  of  the  device,  this  would  make  a  fine  addition. 

If  you  want  vour  mobile  device  to  look  more  like  a  cell  phone,  but  still 
want  to  send  a  lot  of  text  messages  or  e-mails,  then  the  Nokia  6800  might 


be  up  your  alley  The  coolest  feature  of  the  6800  is  its  flip-up  keypad, 
which  rotates  over  the  screen  and  creates  a  full-size  keypad. This  is  what 
has  been  missing  from  text  input  on  mobile  phones.  If  you're  sick  of  tap¬ 
ping  the  5  key  three  times  to  get  the  letter ‘L’,  then  this  device  is  the  cure. 

The  phone  we  tested  worked  with  AT&T  Wireless’  GSM/General  Packet 
Radio  Service  network,  and  offered  everything  from  voice-recorded 
memos,  wireless  email  (POPS/  Internet  Message  Access  Protocol  sup¬ 
port),  instant  messaging  (AOL  or  Yahoo),  Web  browsing  and  MMS.The 
6800  comes  with  two  headsets,  a  boom  microphone  and  a  dual  earpiece 
antenna.  Although  it  might  seem  excessive  for  phone  calls,  the  earpiece 
makes  all  the  difference  when  listening  to  the  radio  feature. Web  surfing 
also  has  improved:  We  located  the  local  weather,  traffic,  news  headlines 
and  movie  times  in  less  than  a  minute. 

Audio  and  video  madness 

If  you  want  to  avoid  listening  to  the  conversations  of  your  office  neigh¬ 
bors,  then  the  Archos  Video  AV  120  (around  $400)  should  be  on  your 
short  list.The  AV  120  is  an  update  of  Archos’  earlier  MP3  file  jukebox,  but 
with  interface  improvements  that  make  it  easier  to  find  the  song  you 
want  to  play  The  device  still  holds  20G  bytes  of  files.The  AV  120  also  lets 
you  store  photos,  regular  data  files  (as  an  external  hard  drive)  and 
videos,  which  you  can  watch  on  a  small  color  LCD  screen. 

The  device  has  an  optional  attachment  (the  DVR  100)  that  lets  you 
“record”  video  from  external  video  sources  through  RCA  cabling.This  lets 
you  record  “live”TV  video  through  a  VCR,  but  we  also  could  transfer 
videos  from  pre-recorded  videos  or  even  content  we  had  stored  on  a 
ReplayTVOnce  the  videos  transferred  to  the  device,  we  could  move  the 
files  from  the  device  to  a  PC  for  storage  or  viewing  (although  we  needed 
to  find  a  Divx  player  to  play  the  video  files  on  our  PC,  as  the  format  didn't 
play  nice  with  either  RealOne  Player  or  Windows  Media  Player).  While 
the  video  features  are  cool,  we  found  ourselves  using  this  mainly  as  an 
MP3  player. 

With  a  wired  home  network,  adding  devices  to  the  network  involves 
running  a  lot  of  Category  5  cabling  around,  not  particularly  fun.  With  a 
wireless  network,  hooking  up  new  devices  that  aren’t  PCs  or  notebooks 
suddenly  becomes  more  appealing. The  front-runner  for  non-PC-relaled 
devices  seems  to  be  hardware  that  connects  to  a  stereo  system  that  lets 
you  stream  music  files  from  the  PC  down  to  your  home  stereo  system. 
One  that  we  really  like  is  the  cd300  Network  MP3  Player  from  cd3o. 

The  cd300  attaches  via  RCA  jacks  to  the  audio  output  ports  on  your 
stereo  system.  After  configuring  the  device  to  connect  to  your  wireless 
network, you  can  stream  all  of  your  MP3  files  sitting  on  the  PC  through 
the  stereo.  While  some  devices  include  an  LCD  panel  to  display  the  s 
title  or  playlist,  the  cd300  uses  a  remote  control  and  a  robotic  voice  :• 
announce  the  song  titles  or  playlists.The  voice  is  kind  of  choppy  esi  • 
dally  when  announcing  a  long  title,  as  it  tends  to  blend  everything 
one  long  sentence. 

Shaw  can  be  reached  at  hshaw@nww.com.  Peter  Hebenstreit 
Worlds  senior  network /telecom  engineer,  assisted  with  the  to 
this  story. 
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■  BY  CARA  GARRETSON 


Network  executives  who  want  to  keep  up 
with  the  latest  developments  affecting 
their  job  had  better  start  watching  C-SPAN. 
That’s  because  state  and  federal  govern¬ 
ments,  in  response  to  concerns  about 
security,  privacy  and  corporate  account¬ 
ability,  have  gone  on  a  regulatory  spree 
that  will  cost  U.S.  companies  billions  of 
dollars  in  mandated  IT  upgrades. 
Cash-strapped  IT  departments  are 
already  feeling  the  financial  and  organiza¬ 
tional  sting  of  several  pieces  of  legislation, 
and  the  worst  is  yet  to  come. 

The  first  regulation  to  come  through  the  pipeline  is  the 
Health  Insurance  Portability  and  Accountability  Act 
(H I PAA).  Designed  to  secure  electronic  patient  informa¬ 
tion,  HIPAA  cost  businesses  an  estimated  $270  million  in 
2002,  the  year  that  most  healthcare  groups  came  into  com¬ 
pliance,  according  to  market  researcher  Frost  &  Sullivan. 
HIPAA  pales  in  comparison  to  the  Gramm-Leach-Bliley 
Act  (GLBA),  which  requires  financial  institutions  to 
protect  customer  information.  Even  more  sweep¬ 
ing  is  the  Sarbanes-Oxley  Act,  which  man¬ 
dates  all  public  companies  back  up 
financial  statements  with  proof  of  pro¬ 
cedures  and  controls. 

Further  reaching  still  is  a  new  California  state 
law  that  says  companies  doing  business  in  that  state 
must  alert  customers  to  any  potential  breaches  in  the 
security  of  their  information,  in  an  attempt  to  head  off 
identity  theft.  If  a  similar  law  makes  its  way  through 
Congress,  any  company  that  stores  information  about  its 
customers  could  feel  the  effects. 

These  and  other  new  laws  will  have  a  huge  impact  on 
IT  departments,  which  must  add  or  modify  those  systems 
that  underlie  and  support  virtually  all  operational  busi¬ 
ness  procedures. 

“IT  is  so  central  to  corporate  and  business  affairs  that 
you  can’t  write  a  new  regulatory  program  without  it 
touching  on  IT,” says  Stewart  Baker,  a  partner  with  Steptoe 
&  Johnson  in  Washington,  D.C.“We’re  going  to  see 
increasing  federal  regulation  of  IT  issues  just  because  all 
new  federal  regulation  is  going  to  have  an  IT  element.” 

Lawmakers  take  a  greater  interest  in  IT  issues  when  high- 
profile  breaches  of  security  and  privacy  occur;  they  want 
to  know  why  it  happens  and  how  to  fix  it. 

“We ’re  at  a  critical  juncture  right  now  in  the  regulatory 
environment.  Our  national  strategy  says, ‘Hands-off  regu¬ 
lation,  we  don’t  want  command  and  control,’”says  Mark 
Rasch,  senior  vice  president  and  chief  security  counsel 
with  security  software  vendor  Solutionary.  However,  legis¬ 
lators  feel  the  need  to  react  when  they  read  about  iden¬ 
tity  theft  and  hacker  attacks,  he  says.“The  government  is 
getting  impatient  with  the  marketplace  and  that  creates 
great  pressure  for  regulation.” 


Slow  dancing  with  the  regulators 

Although  many  of  these  laws  have  been  on  the  books 
for  a  while,  compliance  doesn’t  occur  overnight.  Given  the 
current  economical  climate,  many  companies  are  loath  to 
overhaul  their  IT  infrastructures.  And,  because  many  of  the 
laws  are  still  fresh  enough  that  their  specific  regulations 


Compliance  with 
new  security  and 
privacy  regulations 
falls  squarely  on 
IT  departments. 


have  not  yet  been  hammered  out,  companies  are  waiting 
to  see  how  the  law  is  interpreted  or  changed.  Some  of 
these  laws  also  are  vague  regarding  what  steps  a  company 
must  take  to  comply  or  lack  specific  enforcement  guide¬ 
lines,  giving  companies  another  reason  to  delay 

“There’s  this  very  slow  dance  toward  compliance 
that’s  occurring  because  you’re  never  sure  what  [part  of 
your  business]  is  exposed  and  how  far  you  need  to  go,” 
says  Austin  Hill,  executive  vice  president  and  general 
manager  of  privacy  software  maker  Zero-Knowledge 
Systems’  enterprise  division  in  Montreal. 

The  estimated  cost  of  compliance  can  be  staggering, 
although  in  some  industries, systems  or  policies  that 
must  be  modified  were  already  long  overdue  for  an 
overhaul.  For  example,  the  healthcare  industry  is  notori¬ 
ously  behind  the  times  when  it  comes  to  implementing 
new  technology 

HIPAA  replacement  costs 

HIPAA  has  forced  the  industry  to  adopt  security,  privacy 
and  information  exchange  systems  and  policies  that  are 
costing  the  average  midsize  hospital  $1  million  to  $2  mil¬ 
lion,  and  large  insurance  companies  $5  million  to  $10 
million  each,  says  Dr.  Peter  Kongstvedt,  vice  president  of 
Cap  Gemini  Ernst  &  Young’s  managed-care  practice. 

“A  lot  of  companies  used  the  [new  law  as  an]  opportu¬ 
nity  to  make  changes,  replacing  a  system  or  substantially 
upgrading,”  he  says,  noting  that  some  insurance  compa¬ 
nies  spent  as  much  as  $20  million  to  $40  million. 

Blue  Cross  Blue  Shield  of  Michigan  began  working  on 
HIPAA  compliance  in  2001,  according  to  CIO  William 
Smith. The  company  has  not  had  to  make  major  hard¬ 
ware  purchases  or  hire  new  staff  to  come  up  to  compli¬ 
ance.  However,  because  it  also  acts  as  an  electronic 
clearinghouse  for  medical  claims  in  the  state,  it  has  had 
to  extensively  update  its  software,  including  all  of  its  med¬ 
ical  codes  and  transaction  formats.  With  the  help  of  con¬ 
tract  workers,  Blue  Cross  Blue  Shield  of  Michigan  expects 
to  be  in  compliance  with  the  regulation’s  transaction 
and  code  set  standards’  deadline  of  Oct.  15. 

Blue  Cross  Blue  Shield  of  Michigan  expects  to  spend  a 
total  of  about  $80  million  on  HIPAA  compliance, Smith 
says.  One  unexpected  cost  has  been  educating  and  lob¬ 
bying  other  parts  of  the  healthcare  industry  on  the 
importance  of  getting  their  IT  systems  to  meet  HIPAAs 
deadline, so  that  electronic  transactions  can  go  through. 

“In  testing  we  found  that  hospitals,  doctors  and  other 
billers  are  just  not  going  to  be  ready,  and  that’s  going  to 
be  a  significant  problem,”  Smith  says.  If  billers  resort  to 
paper  claims,  instead  of  updating  their  IT  systems,  that 
will  add  a  new  level  of  cost  and  delay  to  processing 
claims,  he  says. 

Financial  firms  face  GLBA 

The  Gramm-Leach-Bliley  Act’s  mandate  that  financial 
institutions  protect  customer  information  shouldn’t 
impose  a  significant  burden  on  companies  that  already 
are  spending  the  recommended  5%  to  8%  of  their  IT 
budgets  on  security  and  have  working  privacy  policies, 
as  most  banks  and  investment  houses  already  do,  says 
Michael  Scheidell.CEO  of  security  provider  Secnap 
Network  Security. 

But  significant  spending  will  be  forced  on  companies 
that  might  not  consider  themselves  financial  institu¬ 
tions,  such  as  small  mortgage  brokers  and  employers 
that  offer  workers  direct  deposit  of  paychecks  into  their 
bank  accounts. 

“Any  company  that  has  not  thought  about  security, such 
as  mom-and-pop  mortgage  brokers,  may  not  even  have  a 
firewall,”  Scheidell  says. 

Sarbanes-Oxley  gores  companies 

Compliance  with  the  Sarbanes-Oxley  Act  is  predicted 


to  hit  IT  departments  as  hard  as  the 
Y2K  crisis,  except  this  problem 
doesn’t  have  an  expiration  date.  A 
recent  report  from  AMR  Research 
found  85%  of  the  companies 
affected  by  the  act  expect  to  have 
to  make  at  least  some  changes  to 
their  IT  architecture. 

Under  the  law,  public  companies 
must  employ  a  third  party  to  audit 
not  only  their  financial  statements, 
but  also  to  verify  the  reasoning,  poli¬ 
cies  and  controls  behind  those  state- 
ments.That  means  IT  departments 
must  store  and  create  access  to  all 
information  —  including  structured 
data  like  spreadsheets  and  databases, 
and  unstructured  data  such  as  e-mail 
and  instant  messages  —  related  to 
the  company’s  financial  statement. 

“Right  now,  people  are  putting 
together  ad  hoc  solutions  to  meet 
the  deadline,” says  Rakesh  Shukla, 
co-founder  of  online  information 
management  provider  1 70  Systems. 
"In  a  year  or  two  it  will  be  how  to 
automate  and  streamline  costs.” 

Sola  International,  a  lensmaker  in 
Menlo  Park,  Calif.,  bought  financial 
reporting  software  from  Hyperion 
Solutions  to  help  comply  with 
Sarbanes-Oxley  Sola  also  had  to  buy 
more  powerful  servers  to  run  the 
software, says  Patrick  Kiernan, senior 
financial  systems  analyst. 

While  Sarbanes-Oxley  was  clearly 
the  impetus  for  upgrading  the  com¬ 
pany’s  systems,  Kiernan  says  the 
investment,  which  is  significant, 
needs  to  be  put  in  perspective. 
“These  actions  may  have  naturally 
occurred  in  our  business  decision 
processes  anywayf  he  says. 

Ammo  in  cyberterror  war 

On  the  brighter  side,  many  of  these 
laws  give  IT  departments  the  ammu¬ 
nition  they  need  to  make  their  case 
to  the  company’s  executive  staff  for 
updated  systems  and  policies, 
experts  say  One  example  is  the 
National  Strategy  to  Secure 
Cyberspace  Report,  which  is  not  a 
law  but  a  proposal  the  White  House 
issued  in  February  on  how  govern¬ 
ment  and  the  private  sector  can 
work  together  to  help  fight  terrorism. 

“One  of  the  problems  that  the 
[report]  addresses  is  that  cybersecur¬ 
ity  needs  to  be  elevated  beyond  the 
IT  departments  and  addressed  at  the 
CEO,  CFO  and  board  of  directors 
level,” says  Larry'  Clinton, operations 
officer  at  Internet  Security  Alliance.“A 
lot  of  corporations  traditionally  think 
of  cybersecurity  as  something  that 
will  be  handled  by  the  IT  depart¬ 
ment;  the  problem  is  the  IT  depart¬ 
ment  isn’t  getting  the  resources  they 
need  to  affect  change.” 

Garretson  is  a  freelance  writer.  She 
can  be  reached  at  cgarretson@star 
power.net. 


To  the  letter  of  the  law 


I  Health  Insurance  Portability  and 

L  Accountability  Act  (HIPAA) 

Passed:  August  1996 

Purpose:  To  improve  the  portability  while  maintaining 
the  privacy  and  security  of  patient  information, 

Types  of  companies  affected:  Medical  providers,  insurance  companies, 
claims  clearinghouses,  employers  that  self-insure  workers'  health  benefits. 

Gist:  The  law's  "administrative  simplification"  section  enforces  a  privacy  rule,  secu¬ 
rity  rule,  transaction  and  code-set  standards  and  identifier  standards.  These  regula¬ 
tions  specify  what  patient  information  must  be  kept  private;  how  companies  must 
secure  the  information;  and  the  standards  for  electronic  communication  between  med¬ 
ical  providers  and  insurance  companies.  The  deadline  for  implementing  privacy  controls 
was  April  15;  security  is  April  21, 2005;  transaction  and  code  set  standards  is  Oct.  15, 
and  identifier  standards  is  July  30, 2004. 

Effects  on  IT  departments:  Unlike  some  other  laws,  HIPAA  lists  very 
specific  technology  standards  and  policies  that  must  be  implemented  to  comply. 
Opinion:  "The  scrambling  you've  heard  about  is  [to  comply  with  HIPAA's]  privacy, 
but  the  heavy  activity  in  IT  departments  will  be  around  transactions  and  code  sets." 
—  Dr.  Peter  Kongstvedt,  vice  president  of  Cap  Gemini  Ernst  &  Young's  managed 
care  practice. 

Estimated  spending  to  comply:  Research  firm  Frost  &  Sullivan  esti¬ 
mates  that  companies  spent  S270  million  in  2002  to  comply  with  HIPAA. 


|r  f  Gramm-Leach-Bliley  Act 

^...  Passed:  November  1999 

Purpose:  To  protect  the  information  financial  institu¬ 
tions  collect  about  customers. 

Types  of  companies  affected:  Mainly  financial  institutions,  but  also  any 
company  that  collects  name,  Social  Security  number  and  bank  account  number  from 
customers  or  employees. 

Gist:  On  May  23  the  act's  Safeguards  Rule  came  into  effect,  forcing  financial  insti¬ 
tutions  to  design,  implement  and  maintain  safeguards  to  protect  customer  information. 
Effects  on  IT  departments:  All  companies  that  collect  financial  informa¬ 
tion  must  take  security  measures,  such  as  maintain  firewalls,  install  and  update  virus 
protection,  and  schedule  routine  security  audits,  as  well  as  develop  and  implement  pri¬ 
vacy  policies. 

Opinion:  "Most  IT  departments  are  aware  that  they  must  protect  customer 
information,  but  they  aren't  specifically  aware  that  there  are  federal  regulations 
enforcing  this."  —  Michael  Scheidell,  CEO  of  Secnap  Network  Security. 
Estimated  spending  to  comply:  If  a  company  is  already  spending  the 
recommended  5%  to  8%  of  their  IT  budget  on  security,  additional  costs  will  be 
minimal.  Security  audits  typically  can  cost  310,000  to  S20.000. 


Sarbanes-Oxley  Act 

Passed:  August  2002 

Purpose:  To  restore  investor  confdence  in  the 
fnancial  reporting  of  public  companies  and  hold  a  com¬ 
pany's  officers  personally  responsible  for  misrepresentation. 
Types  of  companies  affected:  Any  public  company.  Experts  recommend 
private  companies  hoping  to  go  public  or  be  acquired  by  a  public  company  also  should 
abide  by  the  rules. 

Gist:  Section  302  came  into  effect  on  Jan.  1,  mandating  quarterly  reporting  on  how 
a  company  derived  its  quarterly  financial  report,  including  controls  and  procedures 
used.  Section  404  will  kick  in  June  14, 2004,  forcing  public  companies  to  have  reports 
of  controls  and  procedures  audited  by  a  third  party. 

Effects  on  IT  departments:  Two-phased;  initially,  companies  will  scram¬ 
ble  just  to  comply  with  the  law,  providing  necessary  documentation  to  auditors. 
Eventually,  companies  will  want  to  automate  the  process,  building  audit  trails  and  pro¬ 
cedures  into  their  systems. 

Opinion:  "It's  a  very  broad  and  sweeping  law,  that’s  why  it’s  causing  a  lot 
of  pain  right  now  with  public  companies."  —  Rakesh  Shukla,  co-founder  of  170 
Systems. 

Estimated  spending  to  comply:  AMR  Research  says  companies  will 
spend  S2.5  billion  on  Sarbanes-Oxley  compliance  in  2003.  The  majority  of  that 
spending  will  be  on  consulting  fees. 


USA  Patriot  Act 

Passed:  October  2001 

Purpose:  To  boost  the  government's  ability  to  uvk 
and  prosecute  terrorist  activity  through  increased  use  of 
surveillance,  information  sharing  and  other  means. 

Types  of  companies  affected:  Financial  institutions,  ISPs  and  other 
companies  that  handle  and  store  online  communications. 

Gist:  The  act  obliges  financial  institutions  to  report  any  suspicious  activity 
regarding  large  money  transactions.  Also,  ISPs  are  encouraged  to  hand  over  informa¬ 
tion  about  activity  by  their  users  they  consider  suspicious,  and  can  do  so  without  lia¬ 
bility.  The  law  also  expands  that  type  of  information  that  government  agencies  can 
collect  from  ISPs  about  their  users,  including  records  of  session  times  and  durations, 
temporarily  assigned  IP  addresses  and  credit  card  or  bank  account  information. 
Effects  on  IT  departments:  Many  aspects  of  the  act  encourage  cooper¬ 
ative  efforts  from  the  private  sector,  instead  of  imposing  regulations,  Companies  might 
wait  until  a  government  agency  subpoenas  information  from  them  before  considering 
compliance,  although  the  time  and  cost  to  produce  information  on  the  fly  could  bn  pro¬ 
hibitive.  Legal  experts  recommend  companies  ask  the  inquiring  agency  to  reimburse 
the  cost  —  some  will,  some  won't. 

Opinion:  "There's  a  certain  amount  of  pressure  to  automate  tasks  that  are  becom¬ 
ing  common  after  Sept.  11."  —  Stewart  Baker,  partner,  Steptoe  &  Johnson. 
Estimated  spending  to  comply:  Too  soon  to  tell  because  many  of  the 
act's  provisions  are  suggestions.  If  the  government  repeatedly  asks  a  company  to  pro¬ 
duce  records  to  help  the  government,  its  officials  might  realize  upgrading  their  IT  sys¬ 
tems  to  automate  reporting  is  less  expensive  than  hiring  temporary  staff  to  do  it  by  hand. 


California  Senate  Bill  1386 

Passed:  September  2002 
Purpose:  To  give  California  consumers  immediate 
notice  of  security  compromises  in  businesses'  computer 
systems  so  they  can  take  action  before  identity  theft  occurs. 

Types  of  companies  affected:  Any  company  that  stores  a  California 
resident's  personal  information  on  their  computer  system. 

Gist:  The  law,  which  went  into  effect  July  1,  says  companies  must  notify  their  cus¬ 
tomers  when  they  know  or  believe  unencrypted  personal  information  was  accessed  by 
an  unauthorized  person.  Notification  must  happen  "in  the  most  expedient  time  possible 
and  without  unreasonable  delay,"  and  can  be  written  or,  in  some  cases,  sent  by  e-mail 
or  posted  on  the  company's  Web  site.  Personal  information  is  defined  as  an  individual's 
name  and  Social  Security  number,  California  driver’s  license  or  state  ID  number,  bank 
account,  credit  card  or  debit  card  number  along  personal  identification  number  or 
password. 

Effects  on  IT  departments:  Mandatory  reporting  of  security  breaches 
means  departments  must  know  about  them,  determine  which  customers'  information 
might  have  been  compromised  and  automate  notifying  all  potentially  affected  individuals. 
Opinion:  "While  privacy  has  never  been  a  huge  [business]  driver,  lack  of  privacy 
is."  —  Mark  Rasch,  senior  vice  president  and  chief  security  counsel,  Solutionary. 
Estimated  spending  to  comply:  Depends  on  whether  the  bills  brewing 
in  Congress  to  make  this  a  federal  law  pass.  For  now.  it  means  every  company  doing 
business  in  California  must  implement  security  and  notification  systems. 


I 


IZ3  The  National  Strategy  to  Secure 
Cyberspace  Report 

. K  Issued:  February  2003 

Purpose::  To  suggest  best  practices  to  the  private 
sector  for  protecting  critical  infrastructures  and  businesses  from  cyberattacks. 
Types  of  companies  affected:  All  private  businesses,  but  especially 
those  that  run  critical  infrastructures  such  as  telecom  networks,  stock  markets, 
electricity  and  transportation, 

Gist:  This  report  issued  by  the  White  House  encourages  industries  and  governm*  ni 
agencies  to  reduce  the  risk  of  cyberterrorism  wherever  practical.  It  says  the  govern¬ 
ment  reserves  the  right  to  respond  "in  an  appropriate  manner"  if  the  U.S.  is  attacked 
in  cyberspace. 

Effects  on  IT  departments:  The  report  can  be  used  to  back  up  H  n 
agers’  requests  that  companies  assign  larger  budgets  and  higher  priority  to  security 
programs  and  policies. 

Opinion:  “The  report  makes  it  clear  that  there  will  not  be  a  technology  silver  bul 
let  that’s  going  to  solve  the  [security]  problem."  —  Larry  Clinton,  operations  ol  : 
at  Internet  Security  Alliance. 

Estimated  spending  to  comply:  Because  none  ol  the  ropo;  ' 

tory,  spending  will  be  at  the  discretion  of  each  company. 


Watching  the  shop 

Managed  security  services  are  gaining  ground  and  winning  enterprise  customers. 


■  BY  ELLEN  MESSMER 

The  idea  of  turning  to  an  outside  firm  to  manage 
your  firewall, VPN,  intrusion-detection  system  or  vul¬ 
nerability  assessment  still  raises  a  few  eyebrows.  But 
outsourcing  security  has  become  a  popular  step, 
either  as  a  way  to  hold  down  costs  or  because  it’s 
difficult  to  hire  security  professionals  for  round-the- 
clock  monitoring  and  management. 

Gartner  expects  the  managed  security  service 
provider  (MSSP)  market  to  reach  $1.6  billion  this 
year,  and  increase  to  $3  billion  by  2006.  “The  value 
proposition  is  pretty  simple,” says  Kelly  Kavanagh,  a 
Gartner  research  director  who  tracks  MSSPs. 
“There’s  24-7  monitoring  by  staff  who  are  experts 
and  dedicated  to  the  function.” Outsourced  services 
usually  let  companies  avoid  the  cost  of 
staffing  to  manage  corporate-owned 
equipment,  he  adds. 

An  MSSP  operates  at  least  one  security 
operations  center  from  which  the  out¬ 
sourcer  can  remotely  access  the  cus¬ 
tomer’s  network  at  the  perimeter  or  deep 
inside.  But  hosted  security  providers  are 
a  motley  crew  with  varying  services 
and  prices. 

Many  carriers,  including  AT&T,  Equant 
and  Sprint,  count  as  MSSPs,  as  can  some 
systems  integrators  such  as  Computer 
Sciences,  Electronic  Data  Systems,  IBM, 

Unisys  and  SAIC.  A  few  security  software  firms  — 
including  Internet  Security  Systems,  Symantec  and 
VeriSign  —  offer  outsourced  services. 

Then  there  are  companies  for  which  managed 
security  services  are  the  sole  business: 
Counterpane  Internet  Security,  Guardent,  NetSec, 
NetSolv,  RedSiren  and  Ubizen  are  among  them.  A 
handful  of  providers  —  including  FrontBridge 
Technologies,  MessageLabs  and  Fostini  —  exclu¬ 
sively  focus  on  anti-spam  and  anti-virus  protection. 
Whatever  their  menu  of  services,  MSSPs  are  gaining 
credibility  and  customer  loyalty  as  their  use 
increases. 

Law  firm  Gray,  Cary, Ware  &  Friedenrich,  which  has 
about  900  employees  in  nine 
offices  in  San  Diego,  last  fall 
began  directing  its  e-mail 
through  FrontBridge  to  be 
culled  for  spam  and  viruses. 

“It  works  out  to  be  $3  per 


user,  per  month,” says  Don  Jaycox,  the  law  firm’s  CTO. 
While  declining  to  put  an  exact  dollar  value  on 
doing  the  same  job  in-house,  Jaycox  said  outsourc¬ 
ing  is  less  than  half  the  cost. 

The  firm  gets  about  1.4  million  messages  each 
month,  about  65%  of  which  is  spam.  Outsourcing  the 
spam  filtering  hasn’t  negatively  affected  the  flow  of 
mail  into  the  organization  in  any  way  Jaycox  says. 

MSSPs  are  more  closely  identified  with  firewall  or 
remote-access  management  and  IDS,  which  Gartner 
estimates  typically  start  at  $1,000  per  month,  per 
firewall,  and  $1,600  per  IDS  sensor.  The  service 
providers  have  different  menus  for  what  they’ll 
monitor  or  manage  at  the  perimeter  or  inside  the 
corporate  intranet. 

“We  offer  managed  IDS  services  based  on 
Enterasys  Dragon,” says  Stacy  Meadows,  group  man¬ 
ager  of  managed  IP  security  services  products  at 
Sprint.“But  we  are  more  flexible  on  what  we’ll  do  for 
firewall/VPN.” 

Sprint  also  offers  three  different  anti-virus  scan- 


fcllt  would  cost  me  more  to  hire  the 
six  people  I  would  need  to  replace 
what  I  get  with  Counterpane.  9  9 

David  MacLeod 

Director  of  corporate  security,  The  Regence  Group 


ning  engines  based  on  Symantec, Trend  Micro  and 
Sophos  software,  arid  operates  a  FrontBridge  switch 
for  anti-spam  protection. 

The  carrier  is  altering  its  MSSP  strategy  to  more 
closely  integrate  with  managed  services  for  PBXs, 
routers  and  IP-based  voice. 

“Ideally,  we’d  like  to  look  at  the  customer’s  corpo¬ 
rate  security  policy  and  have  the  security  services 
focus  across  the  board,”  Meadows  says. 

This  might  be  a  trend  in  the  future.  Noveon,  a 
chemicals  company  with  about  2,800  employees  in 
30  locations  worldwide,  has  relied  on  NetSolv  for 
multi-purpose  network  management  and  firewall 
security  monitoring  since  the  firm  began  using  IP- 
based  telephony  products 
from  Cisco  last  year. 

Todd  Nelson,  CTO  at 
Noveon  in  Brecksville, 
Ohio,  says  the  move  to  IP 
telephony  raised  Internet 


Security 

Subscribe  to  our  free  newsletter. 
DocFinder.  5434  www.Rwfns«Mt.coai 


security  issues,  such  as  monitoring  for  IP-based 
attacks,  which  can  be  addressed  through  an  MSSP 
Noveon  has  NetSolv  monitor  and  manage  moves 
and  changes  in  the  IP-based  voice  system  and  fire¬ 
wall.  “They  also  monitor  the  routers  and  switches," 
Nelson  says. 

MSSPs  are  getting  high  marks  for  their  services, 
although  many  customers  note  that  an  outsider,  no 
matter  how  much  expertise,  might  not  be  able  to 
overcome  drawbacks  inherent  in  some  equipment. 
IDSs,  for  example,  are  notorious  for  generating  false 
and  irrelevant  alerts  because  they  know  little  about 
the  networks  they  watch. 

“There  are  a  lot  of  false  positives,  but  very  few  are 
red  flags  that  are  applicable  in  our  environment,” 
says  Joseph  Gurga,  manager  of  information  security 
at  People’s  Energy  in  Chicago. The  firm  outsourced 
its  firewall  and  IDS  monitoring  and  management  to 
Symantec  but  still  has  to  sift  through  information  on 
IDS  that  Symantec  supplies. 

But  MSSPs  are  gaining  ground.  Earlier  this  year, 
DuPbnt  outsourced  its  firewall  and 
IDS  management  to  e-DMZ,  although 
the  company  declines  to  discuss  it. 
Merrill  Lynch  took  the  same  step  with 
VeriSign  to  manage  300  devices.  While 
reticent  to  discuss  the  management, 
CIO  David  Bauer  says  cost  was  a  fac¬ 
tor.  “There  is  now  a  fairly  mature  mar¬ 
ket  for  these  services,  and  there’s  better 
value,”  he  adds. 

Others  taking  the  MSSP  route  says 
it’s  a  bit  more  expensive  than  in- 
house,  but  the  problems  of  24-7  secu¬ 
rity  staffing  make  outsourcing  worth- 
while.“Do-it-yourself  is  cheaper,”  says  Kurt  de  Ruwe, 
IT  director  in  the  polyurethane  and  specialties  divi¬ 
sion  at  Huntsman  in  Salt  Lake  City.  Last  month,  the 
company  outsourced  its  global  firewall  and  IDS 
management  to  Ubizen  in  a  contract  valued  at 
about  $1  million  over  three  years. 

David  MacLeod,  director  of  corporate  security 
at  The  Regence  Group  in  Portland,  Ore. ,  which  is 
the  Blue  Cross/Blue  Shield  provider  for  four  states, 
says  he  can  quantify  the  savings  his  MSSRCounter- 
pane,  provides  through  its  monitoring  services.  "It 
would  cost  me  more  to  hire  the  six  people  1  would 
need  to  replace  what  1  get  with  Counterpane," 
he  says. 

Unlike  many  MSSPs,  Counterpane  monitors  inter¬ 
nal  applications  and  operating  systems  in  addition 
to  perimeter  firewall  and  IDS.  This  month 
Counterpane  announced  it’s  expanding  into  offer¬ 
ing  management  of  security  devices  and  vulnera¬ 
bility  scanning.  ■ 
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COMPLETE  REMOTE  KVM  CONTROL  VIA  TCP/IP 


BEST  OF  INTEROP 

NETWORLD  INTEROP 


O  CRN 


2003  Winner 

of  the  Best  Of  Show  Award 


Extend  Your  IT  Reach  Beyond  The  Server  Room 


Kaveman  16  -  Allows  up  to  6  simultaneous 

users  connecting  16  servers 


How  does  Kaveman  work 


C^p/ip^) 


miilililil 

I  I  amr-  §  "**  «  M 
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Remote  Client 


_  K  a  u  e  m  a  n  _ 

Available  in  1,  8  and  16  channel  versions 


Servers 


Remote  Keyboard,  Video  and  Mouse  Access  via  Web  Browser 

You  can  access  to  the  BIOS  level  of  your  servers  or  serial  devices  anytime, 
anywhere  with  full  KVM  control  via  a  Web  Browser  or  VNC. 

24/7  Automatic  Server  Monitoring 

Kaveman  monitors  server  functions  and  notifies  you  before  any  server 
problems  become  critical. 

Highly  Secure  Deployment 

Kaveman  utilizes  128-bit  SSL  encryption  for  all  keyboard  and  mouse  data 
and  supports  SSH  and  VPN  environments.  In  addition,  Kaveman  offers 
specialized  security  features  including  the  Turtle  mode  and  Stealth  mode. 

Non-IntrusiveTo  Your  Network  Environment 

As  a  stand  alone  device  that  requires  no  additional  software  or  hardware 
to  install,  Kaveman  minimizes  the  potential  impact  on  your  servers. 

Remote  Power  Cycling 

You  can  power  cycle,  turn  on/off  any  connected  device  over  IP  simply 
using  a  common  Browser. 


The  Engine  of  Innovation 


www.digitalv6.com  1-866-922-2333 


Mention  Promotion  Code  ‘NETWORK  WORLD’  when 
purchasing  the  Kaveman. 


Web  Based  Boot  Bar 


Yes,  you  can  Switch 
Power  ovBr  ihe  Internet 


Servers,  routers,  and  other  electronic  equipment  sometimes 
“lock-up,”  often  requiring  a  service  call  to  a  remote  site  just  to  flip 
the  power  switch  to  perform  a  simple  reboot... 

The  NBB  “Mini”  Boot  Bar  Power  Switch,  gives  you  the  ability  to 
perform  this  function  from  anywhere! 

■  Web  Browser  Access  for  Easy  Operation 

■  Telnet  and  Serial  Access 

■  Encrypted  Password  Security 

■  Five  Individual  Outlets 

■  Power-up  Sequencing 

■  On  /  Off  /  Reboot  Switching 

■  Versatile  Zero  U  Mounting 


3wi!  Nelwuik  Buot  Bui 


1105 


LOCATION:  NBB  Live  Deino  Unit 
SWTICH  PANEL 


□ 
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Plug  Name 

1  Serverl 

Status 

MB 

2  Server  2 

JBEU 

3  Hub 

i  on  i 

4  Router 

JfflO 

5  Modem 

All 

Plugs 

Setup  |  LogOtH  | 

R«rir«th 

wti.com 

NETWORK  BOOT  BAR 


(800)  854-71 


western  telematic  incorporated 
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There  Is  M  Better  Way  To  Troubleshoot  &  Manage  Your  Network 


Observer 

s995 


Expert 
Observer 
$ 2895 


Observer 

Suite 

$3995 


Observer® — Quickly  identifies  network 
trouble  spots  and  costs  thousands  less  than 
expensive  hardware-based  analyzers. 
Observer  provides  metrics,  capture,  and 
trending  for  both  shared  and  switched 
environments. 

•  Full  packet  capture  and  decode  for  over 
500  protocols,  including  TCP/IP  (v4  &  v6), 
NetBIOS/NetBEUI,  XolP,  SNA,  SQL,  IPX/SPX, 
Appletalk  and  many,  many  more! 

•  Switched  mode  sees  all  ports  on  a  switch 
gathering  statistics  from  an  entire  switch  or 
capture/statistics  from  any  port(s) 

•  Long-term  network  trending  collects 
statistical  data  for  days,  weeks,  months, 
even  years 

•  Real-time  statistics  include  Top  Talkers, 
Bandwidth,  Protocol  Statistics,  and 
Efficiency  History 

•  Ethernet  (10/100/Gigabit),  Token  Ring, 
FDDI,  and  Wireless  802. 1 1 — no  need  to 
purchase  separate  tools 


*  Windows ®  98/Me/NT/2000/XP  compatible 

•  Over  4,000  frame  types  recognized 

Expert  Observer — Identifies  problems  and 
provides  Expert  information  in  plain  English. 

Includes  all  of  the  features  of  Observer  plus 
real-time  and  post-capture  expert  event 
identification  and  analysis — new  SQL  and 
Frame  Relay  experts  add  to  the  many  other 
protocols  covered,  time  synchronization 
technology,  and  modeling  of  network  traffic. 

Observer  Suite — The  ultimate  tool  for 
the  most  demanding  power  user. 

Provides  a  full  complement  of  tools  that 
includes  all  of  the  features  of  Expert 
Observer  plus  SNMP  management,  RMON 
console/Probe  and  Web  reporting.  Includes 
one  remote  Probe. 

If  you  have  any  network  problems,  find 
out  the  cause  with  Observer,  Expert 
Observer,  or  Observer  Suite. 


Call  800-526-7919  or  visit  us  online  for  a  full-featured  evaluation: 

www.NETWORKINSTRUMENTS.com 

US  (952)  932-9899  •  Fax  (952)  932-9545  •  UK  &  Europe  +44  (0)  1959  569880  •  Fax  +44  (0)  1959  569881 
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I  to  IOOO  remote  servers  are  with  in  your  reach 


Over  IR  Fibemor  Gat  E 

Accgss'’ggu7-server(s)  frorn  ANYWHERE 
shot  a  button!  m. 


USA  toll  free 
ROSE  US 
ROSE  Europe 
ROSE  Asia 


800  333  9343 
281  933  7673 
+44  (0)  1264  850574 
+65  6324  2322 


WWW.ROSE.COM 


ELECTRONICS 


UltraLink™ 
REMOTE  KVM  ACCESS  OVER  IP 

Connect  to  remote  computer  over  Ethernet  or  dial-up 
Single,  dual,  quad  models 

Local  KVM  port  to  access  computers  at  UltraLink  unit 

Modem  port  with  dial-back  security 

Up  to  1 280x1 024  resolution,  supports  all  platforms 

Easy  to  install,  give  it  an  IP  address  and  run  the 
remote  client,  no  licensing  required 

Scaling  of  computer  image  reduces  amount  of  data 
sent  and  permits  fast  screen  updates  over  slow  links 

Quad  screen  mode  allows  you  to  see  four  servers 
from  one  screen 

SSL  security  and  passwords  prevents  unauthorized 
access 


£ 


CrystalView™  Mini 
CAT 5 KVM  EXTENDER 

♦  Extends  KVM  station  up  to  1 50 
feet  away 

♦  optional  serial/audio 

•  Single  or  dual  (dual  supports 
second  KVM  station) 

•  Up  to  1280x1024  resolution 


CrystalView™ 

CAT 5  KVM  EXTENDER 

♦  Extends  your  KVM  station  up  to 
1 000’  from  your  computer 

♦  Supports  PC,  Sun,  or  USB, 
optional  Audio/Serial 

♦  Single  or  dual  (dual  supports 
second  KVM  station) 

♦  Up  to  1 600  x  1 200  resolution 

♦  Available  as  standalone,  rack 
mounted,  or  high  density  chassis 


CrystalView™  Pro 

DIGITAL  KVM  EXTENDER 

OVER  FIBER  OR  CAT  5 

♦  Extends  KVM  signals  up  to  33,000 
feet  away 

«  Uses  only  two  fibers  or  single  Cat  5 

♦  Supports  DVI/VGA,  PC,  Sun,  USB, 
optional  Audio/Serial 

♦  Single  or  dual  (dual  supports 
second  KVM  station) 

♦  Up  to  1 600x1 200  resolution 


CrystalView™  Rack 
CAT 5 KVM  EXTENDER 

♦  Extends  the  distance  from  6  or  1 2 
PC's  up  to  1 000  feet  away 

♦  optional  serial/audio 

♦  Single  or  dual  (dual  supports 
second  KVM  station) 

♦  Up  to  1 600x1200  resolution 


Rose  Electronics  •  10707  Stanciiff  Road  •  Houston,  Texas  77099 
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The  ESP-2  Ml  is  a  compact  Multi-Interface,  2-port  serial  hub  that  provides  versatile  RS-232,  RS-422  and  RS-485 
support  for  industrial/manufacturing  and  a  wide  variety  of  commercial  applications. 


•  NEW  web  management  utility  simplifies  configuration  and  administration 

•  Supports  RS-232,  RS-422  and  RS-485  serial  protocols 

•  Ideal  for  industrial/manufacturing  environments  and  other  commercial  applications 


Web  browser 
management 


rser  X 
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Make  your  serial  devices 
IP  ready  with  Equinox  ESP 
Serial  Hubs! 


The  Family  of  Equinox  ESP  10/100  Serial  Hubs  provide  “Serial  Ports  Over  IP” 

Place  serial  COM  ports  at  the  point  of  need  and  eliminate  the  cabling  nightmare.  Our  Multi-Interface  serial  hubs  allow 
soft-selection  of  RS-232,  RS-422  and  RS-485  serial  interfaces  on  a  per  port  basis.  Equinox  Serial  Hubs  offload  virtually 
all  serial  traffic  from  the  host  server  so  your  ports  are  finally  freed  from  the  confines  of  your  server  -  ideal  for  peripheral 
sharing.  Includes  15KV  surge  protection  on  every  pin  of  every  port. 

Download  your  free  white  paper:  Optimizing  Manufacturing  Infrastructure  Using  Ethernet  Serial  Hubs  at 
http://www.equinox.com/wpdownload272.cfm 

For  a  FREE  30-day  product  evaluation,  call  1-800-275-3500  ext.  615  or  954-746-9000  ext.  615 


file  Qplions  Help 


Complete,  Industry  Standard,  Software-Based  RMON2  and 
RMON1  Probe  for  Windows  98/Me/NT/2000/XP 


Netwoik  Instillments  RMON  Piobe 


•  Low  cost,  complete  RMON  monitoring  for  remote  sites  or 
segments. 

•  Software-only,  non-dedicated  data  collection. 

•  Pure,  full  RMON  1  and  2  support.  Complete  implementation  of 
both  RMON  1  and  2  for  Ethernet  (10/100)  and  Token  Ring  (4/16). 

Full  adherence  toRFCs  1513.  1757,  2021  and  2074. 

•  Runs  as  a  service  on  Windows  NT/2000/XP. 

•  Works  with  ANY  RMON  management  console  or  collection  facility 
(Observer  OpenView ",  Concord  ,  NetScout etc.). 

•  Compatible  with  Network  Instruments'  optimized  ErrorTrack”-'  NDIS 
drivers  display  true  errors-by-station. 

•  Multiple  concurrent  network  interface  monitoring  (up  to  10). 

Why  pay  thousands  more  for  the  same  data? 

Call  800-526-7919  for  information,  or  see  our  web  site  at: 

www.networkinstruments.com 

O  2001  Network  Instruments.  LLC  -  Corporate  Headquarters  (952)  932-9899  FAX  (952)  932-9545 
UK  and  Europe  +44  (0)  1959  569880  FAX  +44  (0)  1959  569881  mfo@networkinstruments.com  www  networkinstruments  com 
Network  Instruments  and  the  "N"  logo  are  registered  trademarks  of  Network  Instruments.  LLC  Minneapolis.  MN  USA 


Verify  Amps  Used  per  Circuit 
with  Sentry  Input  Current  Monitor 

,■  '  .  '  :v  .' 

1  Precisely  measure  the  current,  in  amps,  ...V’  •• 
•  for  each  power  circuit  ; 

1  Prevent  overloads  on  existing  power  circuits 
1  Reduce  costs  for  additional  power  circuits 
1  Overcurrent  alarms 
1  Remote  Measurement  via  IP  or  RS-232 

,  ■  •  _  • :  /  'Y.-./r 

1  Local  Measurement  via  digital  display  ,  ,  , 


Sentry  Power  Tower.  Equipment  Cabinet  SpJutiprM] 

■  t.f<  'r .  , '  a.f  m 
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Server  Technology/  Inc.  | 

v,  %  ' ■  ■ 

1040  Sandhill  Drive  Reno,  Nevada  8951 

web:  www.servertech.com  toll  free:  1.800,83, 
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order  now:  310-416-1200 

or  visit 

www.ContiComp.com 

We  Specialize  In... 


Make  the  Smart  Choice, 

_  Trust  the  Experts * 

^Continental 

Computers  Since  1884 


Cisco  Systems 


Authorized 
Reseller 

Thm*  logos  *•  a  trademark  of  th»r  respecm*  oompanws  and  services 


Network  Resource 
Solutions,  Inc. 


USED 


NORTEL 

NETWORKS 

Cisco  Systems 

(5]:!,y<£l!Per  (^arranty) 


BUY  &  SELL 


800-503-1350 

SALES@NETWORKRS.COM 

www.usednortelnetworks.com 


DM  GW  MIMii 


Protect  your  server  room  with 
a  Weather  Duck  Climate  Monitor 


»  Temperature 
— •  Humidity 
— •  Air  Flow 
— »  Light  Level 
—»  Doors  Open 
-  »  Camera  Optional 
— •  Sound  Level 


Weather^W" 

Duck^f^ 


5  1  2.345.8  1  89 

B=flA/*\0Q,  At.SH'S'So 

www.ITWalchDogs.com 


Advertise  in  the  Marketplace 
and  watch  your  sales  come 
pouring  in! 

Call  Direct  Response  Advertising 
1-800-622-1108 


gfl 


For  More  inforMa+ion 
r  on  Tn 

Network  Worths  Marketplace 
^■contact;  Ef)ko  Gu^oie? 

\$oo-hir-iios  ex+.  eves, 
;•••$*;  ]es ot>ol e® nww.coM 
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OptimumDatalnc.  ^ox  +  ^  ^ 

vsrww.optimumdata.com 


toll  free  800  879  8795 
ph:  + 1  402  575  3000 
fax:  + 1  402575  2011 


1 20/ Day  yffiwanv/ 

Cisco  •  Paradyne  •  ADTRAN  •  Sun  •  Extreme  Networks 


iruMi 

See  the  entire  Generation 
3.0  collection  at: 

BRETTS 

Luggage.  Leather  goods.  Gifts 
Pens.  Clocks.  Lighters.  Games 

www.suitcase.com 


Marketplace  and 
watch  your  sales 
come  pouring  in! 


Call  Direct  Response 
Advertising 
1-800-622-1108 


CISCO  NORTEL 

NEW  •  REFURB  /  BUY  •  SELL 


Truckload 

Sale 
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NORTEL 

NETWORKS 


JSfj  Bay  Netwo£ks_ 

Fax  Equipment  List  To  801-377-0078 


888-8LANWAN  SEM 

Call  for  Free  Quote!  (888-852-6926)  www.nle.com 


www.measureup.com 
Certification  Practice  Tests 


Learnkey,  Inc. 

(800)  865-0165 
|  www.leamkey.com 
Self-paced  online  CD  network 
I  certification  developer  bus/apps 


Transcender 

(615)  726-8779 
www.transcender.com 
Award-winning  practice  exams 
for  IT  certification 

CBT  Nuggets 

(888)  507-6283  &  (541)  284-5522 
www.cbtnuggets.com 
Inexpensive  training  videos  on  CD. 

MCSE,  MCDBA,  .MCSD,  Cisco  CCNA,  Linux,  A+,  Net+ 


IPexpert,  Inc. 

(866)  225-8064 
www.ipexpert.net 

CCIE  (R&S,  SEC,  and  C&S),  CCSP, 
CCNP,  CCNA,  and  IP  TELEPHONY 


Capella  University 

(888)  CAP-ELLA 
www.capella.edu 

Capella  University:  Offering  accredited  online 
IT  degrees 


j'o  Jhl-y  You/  IJilhTJ 
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NetSmart  Learning  Partner 


I 


Telecom  tech  co.  in 
Framingham.  MA  seeks  SW 
Engr.  to  design  &  develop  call 
control  service  applications 
using  C/C++,  object  oriented 
design  &  knowledge  of  telepho¬ 
ny  protocols.  Port  application  on 
various  operating  systems  (i.e 
Windows  2000,  Solaris®  Linux). 
Diagnose,  correct,  test  &  deliver 
solutions  for  customer  specific 
issues  w/proprietary  host-based 
telephony  software  Provide 
engineering  &  technical  service 
training  on  proprietary  host- 
based  telephony  services  &  soft¬ 
ware  Must  have:  BS  in  Comp. 
Sci..  Engineering.  Math,  Physics 
or  equivalent  +  6  months  SW 
development  exp.  Must  have 
exp.  w /  C/C++  OS  Programming 
&  entire  SW  development  cycle 
from  design  to  testing. 
Knowledge  of  real-time  embed¬ 
ded  systems,  telephony  hard¬ 
ware  devices,  protocols  & 
Telephony  Infrastructure  req¬ 
uired.  Salary  $62,000/yr. 
Submit  2  resumes  to  Case 
#200202666.  Labor  Exchange 
Office,  19  Staniford  Street,  1st 
ft.,  Boston,  MA  02114. 


Software  Engineers  & 
Programmers:  Analyze, 

design,  test  and  implement 
specialize  software  applica¬ 
tions  for  e-commerce,  Web, 
Client  Server  technologies, 
Legacy  systems  and  distrib¬ 
uted  apps.  in  Weblogic, 
Corba,  Apache,  Mainframe, 
ASP,  J2EE,  Siebel,  PB  and 
related  technologies  utilizing 
appropriate  RDBMS  including 
Oracle  and  DB2.  HR, 
Instcomp,  Inc.,  906  Lacey 
Ave.,  Suite  #  206,  Lisle,  IL 
60536.  EOE. 


Senior  Programmer  with 
MS  in  CS  and  min  2  yrs 
exp  wanted  in  Houston, 
Must  have  working 
knowledge  of  ASP, 
.NET,  J2EE,  SQL,  XML, 
TIBCO,  Plumtree,  Doc- 
umentum  wireless  appli¬ 
cations.  Resume  to:  E- 
Ceptionist,  Inc.,  2000 
Bagby,  Ste.  5430, 
Houston,  TX  77002. 


Computer  Systems  Admin¬ 
istrator.  Analyze/maintain/ 
modify  applications  on  IBM 
mainframe.  Req.  BS  Math/ 
Comp.  Science/Rel.  Field  & 
2  yrs  exp  in  job/2  yrs  exp  as 
Sr.  Analyst/Programmer. 
Spec.  Req.  Expertise  in 
COBOL,  DB2,  CICS,  CSF, 
Cordaptix  &  Utility  Billing 
Systems.  Send  Resume: 
Louie  G.  Abad,  EV3A,  Inc., 
104  Pierpoint  Cir.,  Folsom, 
CA  95630(  Jobsite). 


Paradigm  Infotech  is  looking  for 
programmer/system  analysts, 
s/w  engineers.  Candidate  must 
have  BS  with  at  least  one-year 
IT  experience.  Good  skills  in 
C/C++.  Java,  Oracle,  WebLogic, 
VB,  HTML.  ERP  are  plus. 
Traveling  is  required  Apply 
jobs@paradigminfotech.com. 
EOE 

Staffing  Tree.  LLC  has  openings 
for  System  Analyst,  IT  consul¬ 
tants/recruiters.  BS  or  equiva¬ 
lent  required  Exp  in  Oracle, 
Java.  C/C++.  SQL  &  IT  place¬ 
ment/marketing  preferred 
Travel  required  for  some  posi¬ 
tions  We  sponsor  green  card 
Please  contact 

debdas@staffing-tree  com.  EOE 


MA  based  IT  company  has 
openings  for  Software  Engin¬ 
eers  &  DBA's:  (Multiple  open¬ 
ings):  Research.  Analyze, 

Design,  develop,  test,  diagnose, 
and  implement  various  business 
applications. 

Real  time  OS  Vx  Works, 
Networking  Protocols,  People- 
Soft  HR/Financials,  IPSEC.  IKE, 
BAAN  ERP,  BAAN  tools,  SAP 
r/3  and  ABAP/4,  Oracle 
8.x/9.x/11.x,  Sun  Solaris  2.8, 
Veritas  Clustering,  Oracle 
Utilities,  Unix  Shell  Scripting. 
PL/SQL,  Erwin  Data  Modeling/ 
Designing,  Web  Technologies 
like  J2EE,  JDBC/ODBC,  Web 
sphere,  EJB,  COM/DCOM, 
C/C++,  MS  SQL  Server,  UNIX, 
J2EE  Architect/Team-Lead 
experience  in  implementing 
financial  applications  on  HP- 
Tandem  Non-stop  systems. 
Product  Administration  System 
SABLIME.  Business  Objects 
5.1.5,  Data  Warehousing, 
Informatics  -  Power  Center  5.1, 
SAS  8,  Teradata  Utilities,  Erwin, 
Power  Mart5.1  /  PowerCenter  5, 
Data  Junction,  Cognos 
Impromptu  7.0,  JD  Edwards, 
WinRunner  6.0,  Test  Director 
6.0,  Silk,  Load  Runner,  Rational 
Suite,  SQA  Suite. 

DBAs  must  have  experience  in 
installation,  migration,  moving, 
setup,  monitoring  and  trouble 
shooting  of  various  database 
applications.  May  require  travel 
to  client  sites.  Software 
Engineer  $78,000  &  up:  DBA: 
$60,000  and  up.  Mail  resume  to 
CRG,  INC.,  222  Turnpike  Road, 
Suite  9B,  Westboro,  MA  01581 


LINUX  &  AIX  support.  Assist 
univ.  faculty/staff  to  use  UNIX  to 
support  research,  instruction, 
outreach.  Work  under  Ass't  Dir. 
&  Syst.  Software  Spec.. 
Required  knowledge  &  experi¬ 
ence:  Support  Suse,  RedHat 
Linux  &  AIX.  Research  security 
on  AIX  &  Linux.  Install/test  OS  & 
MySql,  DB2,  GAMESS,  Samba, 
Apache,  Resin,  Schrodinger, 
Matlab.  WBM,  NMON,  MRTG  to 
monitor  system  performance. 
Capacity  planning,  research  hw 
configs.  Build  Beowulf  cluster  & 
pgm  LAN/MPI  PVM.  Backup 
Linux  with  Reiserfs  &  EXT3  File 
systems.  Linux  or  AIX  System 
consulting.  Support  ARC  GIS, 
DB2,  WebSphere,  Jakarta, 
Tomcat.  Implement  Geowall  on 
Windows  &  Linux.  3-D  data  con¬ 
vert.  Backup,  restore,  archive 
large-scale  storage  data. 
Storage  expansion  projection. 
Base  Salary  $35,015  per  12 
months  plus  fringe  benefits. 
Send  two  copies  of  letter  of 
application  and  resume  to: 
South  Dakota  One-Stop  Career 
Center,  Attn:  Laura  Hoyt,  1310 
Main  Ave  S,  Suite  103, 
Brookings,  SD  57006. 
Telephone:  (605)  688-4350. 
Fax:  (605)  688-6761 .  Must  refer 
to  Job  Order  Number 
SD1 235290. 


PROGRAMMER  ANALYSTS  for 
Arlington  Heights.  IL  office. 
Design  &  Develop  software 
applications  using  C++,  Proc", 
Oracle,  Sybase,  XML.UML, 
Coolgen,  Interwoven,  Clear- 
Case,  ClearQuest,  PVCS,  AIX, 
UNIX/Win  NT  Bachelors  req'd  in 
Computers,  Engineering,  Math 
or  related  field  of  study  +2  yrs  of 
related  exp  40  hrs/wk.  Must 
have  legal  authority  to  work  per¬ 
manently  in  the  U  S.  Contact  HR 
Manager.  Terasoft  International, 
Inc.,  2015  S.Ar1ington  Heights 
Road,  #114,  Arlington  Heights, 
IL60005 


DATA.  WIRELESS.  NETWORK. 
YES.  YOU'RE  IN  THE 
RIGHT  NEIGHBORHOOD. 
WE  LIVE  WHERE  YOU  LIVE: 


r\i 


What  can  a  company  like  State  Farm®  possibly  offer  in  the  way  of  I.T.?  Just  one 
of  the  nation’s  largest  computer  networks.  The  drive  of  a  Fortune  25  company. 
And  a  wealth  of  l.T.  opportunities.  Flow  do  you  like  the  neighborhood  so  far? 


STATE  FARM 


LIKE  A  GOOD  NEIGHBOR 


STATE  FARM  IS  THERE 


For  more  information,  visit  statefarm.com*  or  email  jobopps.corpsouth@statefarm.com 


Slate  Farm  •  Home  Offices  Bloomington,  Illinois  •  An  Equal  Opportunity  Employer 
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Jr  Programmers.  Programmers. 
Software  Engineers  &  DBAs: 
Design,  develop,  test  and  imple¬ 
ment  specialized  software  apps. 
in  (a)  Oracle  Financials  and 
Manufacturing  1 1  i  and  related 
tools.  Erwin  Cognos  Suite. 
Business  Objects  and  MF 
Cobol;  (b)  SQL  DBA,  Unix 
Admin.,  VB  Sybase,  Cobol,  C, 
Cold  Fusion  and  related  tech¬ 
nologies;  (c)  J2EE  and  related 
technologies.  Rational  Clear- 
Case.  CORBA,  MQSeries  and 
related  tools;  (d)  BDF. 
JPROBE.Test  Factory,  Requisite 
Pro,  CORBA.  Patrol  DB,  LDAP 
Server  and  Silk  Pilot;  (e) 
EAZYTRIEVE+,  Xpedio  Server, 
SOL  Backtrack,  PatrolDB, 
NetlQ,  Infopac,  Netview  and 
Gauntlet  Firewall;  (f)  PeopleSoft 
HRMS  (HR.  Payroll  and  Benefits 
Administration)  Application 
Engine,  SOR.  Cobol,  DB2, 
CICS,  nVision,  Crystal  Reports 
and  related  tools;  (g)  Java  and 
related  tools,  CORBA,  Sybase, 
Swing  and  Rational  Tools  (h) 
Oracle  Database  Admin,  in 
Oracle  1 1  i.  Oracle  Enterprise 
Manager.  Solaris  AIX,  VB,  C++, 
SQL'Plus  and  related  tools;  (i) 
Cold  Fusion  and  related  tools, 
ASP,  XML,  DHTML,  Crystal 
Reports.  Java.  VB,  DCOM,  MS 
SQL  and  Oracle  8i;  (j)  Oracle 
Financials  and  PeopleSoft, 
Tuxedo,  Developer/Designer 
2000  and  related  tools;  (k) 
Hyperion  Essbase  Apps.  and 
related  tools;  (1)  Oracle, 
Peoplesoft,  ASP,  Java  and  relat¬ 
ed  tools,  SQA  Robot,  Mercury 
Test  Director  and  Silk;  (m) 
Clarify  and  related  technologies; 
(n)  JDK,  ASP,  CORBA,  Oracle, 
SQL  Server,  Linux,  VB  and 
HTML:  (o)  SAS  and  related 
packages.  Java,  Business 
objects  and  Oracle.  US  Workers 
only.  Consulting  positions  requir¬ 
ing  travel.  Prevailing  wage/ben¬ 
efits.  Send  resume  to  HR,  SSG, 
3300  Buckeye  Road,  Suite  555, 
Atlanta,  GA  30341,  identifying 
interested  position(s).  No  Phone 
calls  please. 


Voicecom  Telecommunications, 
LLC  seeks  a  Sr,  Director  of  Network 
Operations  to  direct  and  manage  an 
integrated  Network  Control  Center 
and  Field  Operations  Team,  which 
supports  Voicecom's  nationwide  IP, 
Voice  and  Data  Telecommunica¬ 
tions.  Responsibilities  include  ad¬ 
vanced  level  network  engineering 
and  maintenance  support,  direct 
and  manage  a  team  of  managers, 
engineers,  technicians  and  field 
operations.  Manage  extensive 
voice,  data  and  IP  networks  to 
include  IVR.  PBX,  VoIP,  Voice 
Messaging  systems,  Clear  Channel, 
Channelized.  Fractional,  DSI,  DS3, 
SONET,  DWDM,  ATM,  SMDS, 
Frame  Relay,  SMTP,  HTTP,  TEL¬ 
NET,  TRACEROUTE.  PING  BGP. 
ISIS,  Static.  Multicast,  "MPLS  VPN", 
IS-IS  metncs,  DMS  Switching,  Voice 
Trunks,  DID  &  800  Services 
Candidates  should  have  a  BA  or  BS 
in  Computer  Science  or  related 
field,  five  or  more  years  of  business 
management  responsibility,  exten¬ 
sive  lease  management  negotiation, 
relevant  technology  experience  and 
good  references  Please  submit 
your  resume  with  salary  history  and 
requirements  to  HR  Director.  5900 
Windward  Parkway,  Suite  500, 
Atlanta,  Georgia  30005 


Sr.  Systems  Developer  -  life 
cycle  syst.  develop,  features/ 
projects  in  ASD,  generate 
require/function.  specs,  design 
consolid./develop./unit  test/ 
maintain,  interface  w /  ASD 
Quality  Assur.  for  integration 
testing  &  interact  w/  ASD  archi¬ 
tect  for  project/feature  life  cycle. 
Bachelor's  or  foreign  degree 
equiv.  in  CS,  MIS,  CIS. 
Engineer.,  or  related.  &  5  yrs 
progressive  exp.  in  position,  in 
software  or  systems  engineer  , 
program  or  develop,  req'd  Will 
accept  Master's  m  stated  fields 
in  ':eu  of  bachelor's  +  exp 
Competitive  salary.  40  hrs/wk, 
p+  as  need  Send  resume  to:  M. 
Rowers.  HR  Mgr.  REF#JY. 


Full-time  Programmer/Database 
Analyst:  Lead  programmer/ 

database  analyst  responsible  for 
full  software  development  lifecy¬ 
cle.  Manage,  design,  develop 
and  implement  database,  data¬ 
base  web  site  for  standard 
reporting  and  information 
exchange  Identify  business 
requirements,  translate  busi¬ 
ness  requirements  into  function¬ 
al  design  and  processes  for 
diverse  development  platforms, 
computing  environments,  soft¬ 
ware,  hardware,  technologies 
and  tools.  Research  and  evalu¬ 
ate  new  technologies  and  rec¬ 
ommend  cost  effective  solu¬ 
tions.  Develop  and  prepare 
computer  programs.  Prepare 
program  test  data,  tests,  and 
debug  programs.  Work  with 
SQL,  Oracle,  C++,  JAVA, 
PL/SQL,  Windows  NT,  Unix  and 
OS2.  Must  have  Bachelor’s 
degree  in  Computer  Science  or 
related  field.  Employer  will 
accept  combination  of  educa¬ 
tion/experience  that  equates  to 
Bachelor's  degree  (3  to  1  rule). 
Foreign  or  domestic  education 
equivalent  to  Bachelor's  degree 
accepted.  Must  have  2  years 
experience  in  job  offered  or 
position  with  same  duties. 
Salary:  $72,500.  Send  resume 
to  Natasha  Lyttle,  Ref.  # 
NCL001 ,  SITA  INC,  3100 
Cumberland  Boulevard,  Suite 
200,  Atlanta,  Georgia  30339. 


Mechanical  Software  Engineer: 
Develop  Real-Time  control  mod¬ 
ules  on  Windows  NT/2000/XP 
platform.  Design  PC-based 
Computerized  Numerical 
Control  (CNC)  and  Prog¬ 
rammable  Logic  Control  (PLC), 
industrial  robots  and  servo 
motion  control  functions  and 
algorithms  in  C,  Visual 
C++/MFC  and  Visual  Basic. 
Develop  Real-Time  drivers  for 
IEEE1394  FireWire  and  propri¬ 
etary  high-speed  fiber  optic 
communications.  Perform 
mechatronics  system  integration 
and  evaluation,  machine  dynam¬ 
ics  and  vibration  analysis  and 
servo  tuning  for  CNC  lathe  and 
milling  machines.  Link  CAD/ 
CAM  packages  for  Direct 
Numerical  Control  (DNC). 
Requirements  include  a 
Master's  degree  or  equivalent  in 
Mechanical  Engineering.  No 
work  experience  required. 
Applicants  must  have  unrestrict¬ 
ed  authorization  to  work  in  the 
United  States.  Salary  $77,539/ 
year.  40  hours/wk.  Respond 
with  two  copies  of  resume  to 
Case  #200202479,  Labor 
Exchange  Office,  19  Staniford 
St.,  1st  F!„  Boston,  MA  02114. 


Computer  Programmer  who  will 
plan,  develop,  test  and  docu¬ 
ment  computer  software  using 
COM,  COM  +,  MSMQ,  MTS,  IIS, 
IIS  Security,  ASP,  Visual  Basic, 
XML,  RDBMS,  WAP,  Bluetooth, 
PVCS,  SOAP,  WML,  ACH  for 
PC,  BizTalk  Server,  TestDirector, 
and  Visual  Studio.NET. 

Applicant  must  have  a 
Bachelor's  degree  or  foreign 
degree  equivalent  combination 
of  education  in  Computer 
Science  or  Engineering. 

Applicant  must  have  at  least  5 
years  of  work  experience  in  soft¬ 
ware  development  in  various 
platforms  and  technologies. 
Applicant  must  have  working 
knowledge  of  Bluetooth,  WML, 
ACH  for  PC,  BizTalk  Server, 
TestDirector,  Visual  Studio.NET, 
IIS  Security  and  PVCS 

Applicant  must  be  a  Microsoft 
Certified  Professional  Solution 
Developer  $66,200/yr,  40 

hours/wk,  9:00am-5:00pm. 
Send  resume,  listing  Job  Order 
Number  WEB  347647  to  Site 
Administrator.  Greene  County 
Team  PA  CareerLink.  4  West 
High  Street,  Waynesburg,  PA 
15370-1324 


Web  Service  &  Support  Analyst 
I:  Entry  level  position  to  design  & 
develop  multi-tier  database-dri¬ 
ven  websites;  troubleshoot  & 
maintain  medical  staffing  system 
using  ASP,  VB/COM,  Java¬ 
Script,  SQL/SQL  Plus  &  HTML; 
use  Photoshop/  ImageReady  & 
Flash  to  design  graphics  for  web 
pages  and  advertising  banners; 
web  marketing  w  /  Search 
Engine  Optimization;  monitor  & 
analyze  Web  Traffic.  Req.  BS  in 
Healthcare  Info  Sys,  CS  or  other 
related  field,  no  exp.  req.  but 
must  demo,  ability  to  perform 
duties  through  course  work  in 
Healthcare  Info  Sys  or  related 
course.  Resume  w /  transcript  to 
HR  Director,  Medical  Doctor 
Associates,  145  Technology 
Pkwy  NW,  Norcross,  GA  30092 


Tool  King,  LLC,  seeks 
a  software  developer 
with  experience  in  soft¬ 
ware  and  web  tech¬ 
nologies.  B.S.  in 
Comp.  Science  +  3  yrs 
exp  in  VB,  ASP,  SQL¬ 
Server,  IIS.  Send 
resume  to  HR,  299 
Bryant  St.,  Denver,  CO 
80219. 


Software  Business  Analyst: 
Consult  with  client  companies  to 
review,  analyze,  evaluate  their 
business  systems  &  write 
detailed  description  of  user 
needs.  Create  technical  specs  & 
steps  reqd  to  develop  or  modify 
information  systems  applica¬ 
tions.  Automate  costing  &  pur¬ 
chase  order  system  using  MS 
ACCESS,  Oracle,  Crystal 
Reports,  VB  in  Win  NT  environ¬ 
ment.  Req  Bachelor's  in 
Accountancy/Rel  field  with  2  yrs 
exp.  Wages:  $60,000/yr,  40 
hrs/wk,  8-5.  Send  2  resumes: 
Case#200202838,  Labor 
Exchange  Office,  19  Staniford 
St.  1st  FI.,  Boston,  MA  02114. 


Technical  Support  Specialist: 
assign  and  coordinates  work 
projects;  establish  work  priorities 
and  evaluate  cost  and  time 
requirements;  review  and  test 
programs  to  ensure  compliance 
with  specifications  and  stan¬ 
dards;  maintain  company  net¬ 
work  system  and  website, 
process  e-commerce.  Req.  BS 
or  equivalent  in  CS,  CE  or  relat¬ 
ed  field  w /  proficiency  in  JSP, 
HTML,  TCP/IP,  network  HW/SW 
installation,  configuration,  and 
troubleshooting.  40hr/wk,  11-7. 
Contact  Sunnytech,  Inc.  at  2780 
Peterson  Place,  Norcross,  GA 
30071 


Software 

Professionals 

Chart  Links  is  a  rapidly  growing 
medical  software  company 
located  in  New  Haven,  CT.  We 
are  seeking  experienced  full¬ 
time  software  developers  and 
contractors  with  the  following 
skills:  HTML/XML,  JAVA. 

JavaScript,  SQL  Server,  Visual 
Basic,  Data  Modeling,  RDBMS 
Designer  and  Crystal  Reports 
Forward  your  resume  to  Chart 
Links'  HR  Dept,  via  fax  (203) 
624-3501  or  e-mail  at: 
hr@chartlinks.com.  For  more 
information,  please  visit  our 
website  at:  www  chartlinks  com 


Luckily,  We  Are  Too! 


itcareers.com  is  now  powered 
by  CareerJournal.com! 

Search  for  jobs  and  post 
your  resume  here  on 


www. itcareers.com 


Computerworld  •  InfoWorld  •  Network  World  •  September  1 ,  2003 


MV030601EAM/MW  2 


IT 


careers.com 


IT 


careers 


THE  WORLD’S  BEST 
IT  TOOL  IS  IN 
YOUR  HANDS. 

THE  WORLD’S  BEST 
IT  TALENT  IS  AT 
OUR  SITE. 

WHAT  ELSE  WOULD  YOU  EXPECT 
FROM  THE  ONE  AND  ONLY  CAREER 
RESOURCE  FOR  READERS  OF 
COMPUTERWORLD, 

INFO  WORLD  AND 
NETWORKWORLD? 

COME  ON, 

RECRUIT  OUR  READERS 
AND  YOU’LL  RECRUIT  LESS  OFTEN 

CHECK  US  OUT  AT: 

WWW.ITCAREERS.COM 


Hetrosys.  LLC,  based  in  Detroit, 
Michigan  seeks  Senior  UNIX 
System  Administrators  and 
Senior  Database  Administrators 
for  Detroit  and  nation-wide 
opportunities.  All  positions 
require  B.S.  in  Computer 
Science.  UNIX  position  requires 
two  years  high  availibility  experi¬ 
ence  and  MC/Service  Guard 
certification.  Database  positions 
require  two  years  experience  in 
decision  support  application 
development  or  data  warehous¬ 
ing  in  addition  to  standard  suite 
of  ORACLE  administration  tools 
Apply  via  U.S.  Mail  with  resume 
to  Hetrosys,  LLC,  3757  S. 
Baldwin  Road  #223,  Lake  Orion, 
Ml  48359 


Computers-Seeking  qualified 
candidates  for  senior  and  mid¬ 
level  IT  professional  positions 
including:  Programmer  Analysts, 
Project  Managers,  Software 
Engineers,  IT/Software  Consul¬ 
tants,  Systems  Analysts. 
Qualified  candidates  must  pos¬ 
sess  MS/BS  or  equiv.  and/or  rel. 
work  exp.  Some  positions 
require  1  yr.  SAP  exp.  Exp.  in 
multi-module  implementation/ 
multi-OS  environment  is  pre¬ 
ferred.  Strong  RDBMS  back¬ 
ground  a  plus.  Fwd  resume  & 
references  to:  Halcyon 

Solutions,  Inc.,  Attn:  HR,  950 
Taylor  Station  Rd.,  #D, 
Columbus,  OH  43230. 


Looking  For 
A 

New  Career? 


The  new 
itcareers.com 
and 

CareersJoumal.com 
combined 
jobs  database 
can  help  you 
find  one. 
Check  us  out! 
www.itcareers.com 


Prog.  Analysts  to  analyze, 
design,  develop  appls  using 
C++,  VB.Net,  ASP.Net,  Java, 
JSP,  Java  Script,  COM,  Oracle, 
SQL  Server,  IIS,  HTML,  etc. 
under  Windows.UNIX  os;  per¬ 
form  system  &  functional  analy¬ 
sis;  document  development 
process;  test,  debug  and 
upgrade  existing  software. 
Require  candidates  with  BS  or 
foreign  equiv.  in  CS/Engg.(any 
branch)  &  2yrs  exp.  in  S/W  field. 
F/T.  Travel  involved.  Competitive 
salary.  Send  Resumes  to:  HR. 
Softrim  Corporation,  3443  Pine 
Ridge  Road,  Naples,  FL  34109 


QA  Specialist:  Produce  test 
plan,  test  reqmts  documents; 
create  &  run  test  scripts;  compile 
test  scripts  into  test  procedures; 
code/dvlp  VB  scripts  for  regres¬ 
sion  testing;  track  &  verify  status 
of  defects;  dvlp  &  run  SQL 
queries,  w/  Client/Server  Testing 
&  Rational  products,  w/propri- 
etary  &/or  COTS  applies  &  main¬ 
frame  applies.  Req.  Bach  in  CS, 
MIS  or  other  related  field  +  2  yr 
exp.  in  job  offd.  Resume  to  Ms. 
Parchment,  Business  Computer 
Applications,  2180  Satellite 
Blvd.,  Ste  325  Duluth,  GA  30097 


Seeking  qualified  applicants  for 
the  following  positions  in  Mem¬ 
phis/Collierville,  TN:  Senior  Bus¬ 
iness  Application  Analyst.  Act  as 
liaison  between  technical  devel¬ 
opers  and  users/customers. 
Requirements:  Bachelor's  degree 
or  equivalent*  in  computer  sci¬ 
ence,  math,  statistics,  business  or 
related  field  plus  5  years  of  expe¬ 
rience  in  analyzing  business  sys¬ 
tems  and  developing  technical 
automated  solutions.  Experience 
with  software  development  life 
cycle  process  and  SQL  also 
required.  'Master’s  degree  in 
appropriate  field  will  offset  2  years 
of  general  experience.  Submit 
resumes  to  Sibi  George,  FedEx 
Corporate  Services,  1900  Summit 
Tower  Blvd.,  Suite  1400,  Orlando, 
FL  32810.  EOE  M/F/D/V. 


Software  Engineers  Need¬ 
ed.  Seeking  qualified  candi¬ 
dates  possessing  MS/BS  or 
equiv.  &/or  relevant  work 
experience.  Part  of  the  rel, 
req.  exp.  must  include  1 
year  working  w  /  Data 
Transformation  Services. 
Duties  include  design, 
develop,  test  and  support 
software  applications  and 
systems.  Mail  res.,  sal.  req. 
&  ref.  to:  Smartopia,  Inc., 
1990  Middlesex  St„  #5, 
Lowell,  MA  01851.  ATTN: 
HR. 


Software  Enggs.  to  lead  teams 
to  design,  develop/maintain 
web  appls  using  Java,  J2EE, 
Servlets,  ASP,  EJB,  HTML, 
JavaScript,  JSP,  VB,  SQL 
Server,  etc  on  Windows  &  UNIX 
OS;  provide  training  &  user  sup¬ 
port  for  the  systems  and  related 
appln  internally  &  to  clients; 
debug  and  modify  existing  soft¬ 
ware.  Require:  MS  or  foreign 
equiv  in  Comp.  Sci  /  Comp. 
Engg.  &  1  yr  exp.  in  IT.  Full  time. 
High  Salary.  Travel  involved. 
Respond  by  mail  to  HR.  ABZ 
Consulting,  Inc.,  2600  Century 
Prkwy,  Ste  100,  Atlanta,  GA 
30345. 


Mechanical  Software  Engineer: 
Develop  Human-Machine 
Interface  (HMI)  for  Real-time 
soft  motion  control  modules  on 
Windows  NT/2000/XP  platform. 
Design  PC-based  Computerized 
Numerical  Control  (CNC)  and 
Programmable  Logic  Control 
(PLC),  industrial  robots  and 
servo  motion  control  functions 
and  algorithms  in  C,  Visual 
C++/MFC  and  Visual  Basic. 
Perform  control  system  integra¬ 
tion  and  evaluation,  machine 
dynamics  and  vibration  analysis 
and  servo  tuning  for  CNC  lathe 
and  milling  machines.  Manage 
chassis  and  board  structure 
design  and  improvement  with 
CAD  systems.  Link  CAD/CAM 
packages  for  Direct  Numerical 
Control  (DNC).  Requirements 
include  a  Master's  degree  or 
equivalent  in  Mechanical 
Engineering.  No  work  experi¬ 
ence  required.  Applicants  must 
have  unrestricted  authorization 
to  work  in  the  United  States. 
Salary  $77, 539/year.  40 

hours/wk.  Respond  with  two 
copies  of  resume  to  Case 
#200202478,  Labor  Exchange 
Office,  19  Staniford  St.,  1st  FI., 
Boston,  MA  02114. 


DBAs  to  install,  configure/ 
administer  Oracle  database, 
SQL'Net,  Net8;  design  &  devel¬ 
op  appls  using  Oracle,  Dev 
2000,  SQL,  etc;  maintain  &  mon¬ 
itor  backup,  recovery  procedures 
and  maintain  database  securi- 
ty;design,  code  Java2Beans  for 
Oracle  database  access;  per¬ 
form  data  entity  design  in  Erwin, 
web  interface  design  &  appl  logic 
definition.  Prog.  Analysts  to  ana¬ 
lyze,  develop  appls  using  OOAD, 
Java,  J2EE,  ASP,  EJB,  XML, 
Jscript,  Active  X,  JFC  Swing, 
HTML, etc.  under  Windows, 
UNIX  os;  perform  req  analysis; 
provide  on  site  maintenance 
such  as  debug,  modify,  fine  tune 
&  code  optimization.  Require: 
BS  or  foreign  equiv.  in  CS/Engg. 
(any  branch)  &  2yrs  exp  in  IT. 
Comp.  Salary.  Travel  involved. 
F/T.  Resume  to:  Infilink 
Corporation,  4  Concourse 
Parkway,  Ste  270,  Atlanta,  GA 
30328 


INTECH  Software  Solutions  has 
several  openings  for  Software 
Engineers.  Will  be  responsible  for 
research,  design  &  development 
of  software  sys  and  applns.  Must 
have  a  strong  background  in  five 
or  more  of  the  following:  Java, 
C++,  Tuxedo,  Smalltalk,  VB, 
Oracle,  Sybase,  SQL  Server, 
UML,  XML,  XSL,  Rational  Rose. 
MQ  Series,  Visibroker,  CRM, 
OOD/OOP,  EAI,  iPlanet, 
WebLogic,  Solaris,  and  Windows. 
Must  have  MS  or  eqvlnt.  in 
Comp.  Sci  or  Engineering  and  3 
yrs  rele  exp.  Job  in  Atlanta,  GA 
and  other  locations.  Send  resume 
to  HR,  Intech  Software  Solutions, 
12600  Deerfield  Parkway,  Suite 
100,  Alpharetta,  GA  30004 
Email:  hr@intechsw.com 


Prog.  Analysts  to  analyze, 
design,  develop  network  securi¬ 
ty  s/w  using  VC++,  C++,  SQL 
Server,  MS  Access,  IBM  Visual 
Age,  Apache  Web  Server,  etc. 
under  Windows/UNIX  os;  design 
server  side  Java  Components. 
GUI  using  JScript,  JSP, 
Servlets,  HTML,  etc;  design  and 
optimize  database  using  JDBC. 
SQL,  ODBC,  etc;  develop 
encription  schemes;  deploy, 
evaluate,  test  appls.  Require 
BS  or  foreign  equiv.  in 
CS/Computer  Engineering  with 
2  yrs  exp  in  IT  field.  High  salaiy. 
travel  involved.  F/T.  Resumes: 
HR,  Lancope,  Inc.,  3155  Royal 
Drive,  Bldg  100,  Alpharetta,  GA 
30004. 


ExtraQuest  Corporai.cn  seeks 
Sr.  Database  Administrator  to 
work  in  Greenwood  Village.  CO 
to  develop  and  administer 
Oracle  databases  that  run  on 
UNIX  and  Linux  platforms 
Install  and  maintain  database 
documentation  and  patch  appli¬ 
cations.  Engage  in  capacity 
planning,  systems  analysis  and 
design,  application  program 
development  and  proactive  per¬ 
formance  analysis,  monitoring 
and  tuning.  Perform  hot  back¬ 
ups.  hot  standby  databases  and 
data  guard  configuration  utilizing 
RMAN.  Design,  configure  and 
administer  Oracle  Parallel  and 
Real  Application  Cluster 
Database  Servers.  Engage  in 
data  conversion/migration, 
development  of  budget  and  pro¬ 
ject  proposals  and  project  man¬ 
agement.  Requires  bachelor's 
degree  in  computer  science  or 
related  field,  as  well  as  4  years 
experience  performing  the  core 
duties  and  using  the  skills 
described  above.  Respond  by 
resume  to  ExtraQuest  Corp., 
Human  Resources.  5575  DTC 
Pkwy,  #240,  Greenwood  Village, 
CO  80111,  and  refer  to  job 
#4106. 


CCIE  Technical  Support 
Manger-Post  Sales  -  Manage 
post-sales  technical  support 
activities  of  technical  support 
staff  engaged  in  the  analysis, 
design  and  implementation  of 
solutions  to  engineering  and 
integration  problems  of  complex 
internetworked  systems  based 
in  Cisco  Systems  technologies. 
Bachelor's  degree  or  foreign 
degree  equivalent  in  Computer 
Engineering  or  related  field 
required  and  five  years  of  expe¬ 
rience  in  network  design  engi¬ 
neering  and/or  network  support 
engineering.  Please  forward 
resume  to  Attn:  Mike  Gallimore, 
BellSouth  Communication 
Systems,  2359  Perimeter  Point 
Parkway,  Charlotte,  North 
Carolina  28208.  Please  do  not 
email  or  fax  resumes.  EOE 


Database  Administrator  (4  open¬ 
ings):  Analyze,  dsgn  s/ware  & 
h/ware  reqmts.  Install,  adminis¬ 
ter  Oracle  d/bases  in  HA  cluster. 
Support  OPS,  Administer  OAS 
Database  recovery,  RMAN 
backup,  Datastage,  ERWIN, 
Reportwriter,  Forms,  Replication 
Manager,  Pro*C,  Shell  Scripting. 
Use  Solaris,  HP-UX,  AIX,  DEC- 
Alpha,  NT.  Req.  BS  in  CS,  Math 
or  other  Engg  or  sci  field  +  1  yr 
exp.  in  job  offd.  40hr/wk 
Resume  to:  HR  Mgr,  Omnisoft, 
Inc.,  1265  Compass  Pointe 
Crossing,  Alpharetta,  GA  30005. 


Netegrity,  Inc.,  a  leader  in 
Software,  Services  and  High 
Technology  seeks  a  Prof¬ 
essional  Services  Consultant. 
Position  requires  degree  and 
industry  experience.  Also 
requires  70-80%  domestic 
and  international  travel.  If 
interested  send  resume  to 
Human  Resources,  Netegrity 
Inc.,  201  Jones  Road,  5th 
Floor,  Waltham,  MA  02451,  or 
via  fax:  781-207-5835,  or 
online  at  www.netegrity.com. 
EOE. 
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SEMINARS  EVENTS 


Network  World  Seminars 
and  E vents  are  one  and  two 
day,  intensive  seminars  in 
cities  nationwide  covering 
the  latest  networking  technologies.  All  of  our  seminars  are 
also  available  for  customized  on-site  training.  For  complete 
and  immediate  information  on  our  current  seminar  offerings, 
call  a  seminar  representative  at  800643  4668.  or  go  to 
www.nwfusion.com/seminars. 
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The  road  ahead 

Microsoft  has  vowed  to  fix  the  patch-management 
problem,  but  it  won’t  come  without  a  lot  of  work  to 
improve  its  current  technology. 


Challenges 

•  Reduce  number  of  installer  technologies:  Microsoft  has 
eight  patch  installation  technologies  that  stretch  across  its  major 
products.The  company  will  reduce  that  to  two,  one  for  the  operating 
system  and  one  for  applications.The  questions  are  when,  and  will 
they  be  integrated  into  current  products. 

•  Consolidate  download  sites  into  one  site:  Windows  Update 
and  Software  Update  Services  (SUS)  now  provide  Windows 
patches.  Patches  for  other  products  such  as  Office,  Exchange 
and  SQL  Server  must  be  found  elsewhere.  Microsoft  plans  to 
create  one  site  that  checks  to  see  whether  patches  are  needed  on 
any  product. 

•  Establish  consistency: Tools  such  as  Windows  Update,  SUS, 
System  Management  Server  and  Microsoft  Baseline  Security 
Analyzer  can  give  conflicting  results  as  to  whether  a  patch  is 
installed. This  fosters  time-consuming  manual  checks  by 
administrators  to  verify  that  a  patch  has  been  effectively  deployed. 


Microsoft 

continued  from  page  1 

months  ago  that  included  cutting 
the  number  of  patch  installers 
from  eight  to  two  and  developing 
a  patch-update  site  for  Microsoft 
products. 

Currently,  the  company  uses 
eight  different  patch  installers 
across  its  product  lines, and  those 
installers  don’t  report  that  a  patch 
has  successfully  installed.  The 
tools  used  to  verify  a  patch  is  in¬ 
stalled  often  give  conflicting  re¬ 
sults,  leaving  users  vulnerable 
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even  though  they  think  their  sys¬ 
tems  are  patched.  This  issue  was 
highlighted  during  the  recent 
Blaster  worm  attacks  and  the  MS- 
SQL  Slammer  worm  intrusions 
into  SQL  Server  systems  earlier 
this  year. 

“It’s  better  not  to  have  any  tools, 
than  ones  that  lie  to  you,”  says 
Tom  Geairn,  president  of  New- 
View  Consulting.  He  says  Micro¬ 
soft’s  patching  system  has  come  a 
long  way  but  still  needs  repairs. 
“People  are  mad  enough  now  to 
force  things  to  change.” 

The  changes  are  long  over- 
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due,  many  say  after  years  of 
user  frustration. 

“What  they  are  doing  now  is 
sewing  the  seams  together  so  that 
they  will  look  presentable 
enough  to  us  so  they  can  say  they 
are  trustworthy  says  Russ  Cooper, 
surgeon  general  of  security  ser¬ 
vices  company  TruSecure  and 
moderator  of  the  discussion  list 
NTBugtraq.  “They  are  cleaning  up 
a  mess  to  get  to  where  they  can 
deliver  tangible  improvements.” 

Cooper  says  many  things  Micro¬ 
soft  is  doing  are  already  possible 
with  third-party  patch  manage¬ 
ment  tools  from  Shavlik  Tech¬ 
nologies,  which  licenses  some  of 
its  technology  to  Microsoft.  Other 
vendors  such  as  Aelita,  BigFix, 
ConfigureSoft,  Ecora,  PatchLink 
and  St.  Bernard  Software  also 
offer  patch  management  tools. 

Microsoft,  however,  knows  it  has 
work  to  do.  Scott  Culp,  senior 
security  strategist  for  the  com¬ 
pany’s  Trustworthy  Computing 
team,  says  dramatic  changes  are 
now  in  the  works.  “We’ve  heard 
the  same  consistency  com¬ 
plaints,  and  we  agree,”  he  says. 

Microsoft’s  chief  security  strate¬ 
gist  Scott  Charney  earlier  this  year 
created  a  30-member  internal 
task  force  to  consolidate  patch 
management  into  a  standardized 
architecture  that  stretches  across 
all  Microsoft  products. 

The  big  question  is:  When  will 
MS  deliver  all  the  pieces? 

Microsoft  first  got  serious  about 
patch  management  two  years  ago 
following  the  Code  Red  and 
Nimda  attacks.  Culp  says 
improvements  will  happen  in 
phases  but  the  most-significant 
improvements  will  be  seen  over 
the  next  four  to  12  months. 

A  major  part  of  the  effort 
begins  this  week  with  the  beta 
release  of  Microsoft  Installer  3.0. 
The  installer  will  be  one  of  two 
that  will  replace  the  company’s 
eight  patch-installation  tech¬ 
nologies.  MSI  3.0  will  be  the 
installer  for  applications  such  as 
SQL  Server,  Office  and  Ex¬ 
change.  Update.exe,  which  was 
developed  by  the  Windows 
Sustained  Engineering  team,  will 
be  used  on  operating  systems. 

“You  will  see  dramatic  conver¬ 
gence  on  the  installer  technolo¬ 
gy  by  the  end  of  this  year, 
although  it  might  not  be  on  all 
products,”  Culp  says.  MSI  3.0  is 
expected  to  ship  in  mid  2004, 
and  all  Microsoft  products  are 
expected  to  use  the  new 
installers  by  year-end  2004. 

He  says  MSI  3.0  can  be  installed 
on  Windows  Server  2003,  Win¬ 
dows  XP  and  Windows  2000  with 
Service  Pack  3  and  higher.  The 


installer  will  be  integrated  into 
Microsoft  software  starting  with 
the  Longhorn  products,  which 
start  with  a  new  operating  system 
that  is  scheduled  for  release  in 
2005  or  2006. 

Microsoft  also  is  working  on  a 
standard  set  of  installer  options 
that  will  mean  every  patch  has 
the  exact  naming  conventions  for 
deployment  operations,  such  as 
quiet  rollouts  that  reduce  the 
number  of  dialog  boxes.  In  the 
works  is  a  standard  title  for  patch¬ 
es  that  will  include  documenta¬ 
tion  information,  platform, service 
pack  and  patch  version.  These 
efforts  are  designed  to  make  it 
easier  for  users  to  understand  the 
patch  just  by  looking  at  its  title. 

The  company  also  will  expand 
its  uninstall  feature  beyond  Win¬ 
dows  patches  to  every  patch  for 
every  system.  This  feature  was 
added  to  patches  for  Internet 
Explorer  in  March  2003,  Culp 
says,  but  he  would  not  specify  a 
time  frame  for  other  products. 

“Reducing  the  number  of  in¬ 
stallers  will  make  my  life  easier? 
says  Raj  Maini, systems  analyst  for 
the  American  Chemistry  Council, 
a  lobbying  group  for  chemical 
companies  in  Arlington,  Va.  “But 
what  I  really  would  prefer  is  to 
have  something  that  ensures  the 
patch  installs  correctly’ 

Microsoft  plans  to  address  that 
issue  and  is  developing  a  stan¬ 
dard  assessment  technology  for 
determining  if  a  patch  is  needed 
or  is  properly  installed.  The 
assessment  engine  will  be  stan¬ 
dard  across  Windows  Update, 
Software  Update  Services  (SUS), 
Microsoft  Baseline  Security  Ana¬ 
lyzer  (MBSA)  and  System  Man¬ 


agement  Server  and  the  forth¬ 
coming  System  Center,  which  is  a 
combination  of  SMS  and  Micro¬ 
soft  Operations  Manager. 

Also  being  developed  is  a  com¬ 
panion  reporting  engine  that  will 
provide  details  on  whether  a 
patch  was  installed  successfully. 
Microsoft’s  Culp  again  says  there 
is  no  time  frame  for  the  two 
engines,  but  that  improvements 
would  be  evident  in  the  next  12 
months. 

Microsoft  plans  to  add  support 
for  other  products  including 
Office  and  for  foreign  language 
patches  into  MBSA,  which  checks 
for  missing  patches. 

The  company  also  is  creating 
one  centralized  patch  update  site 
that  includes  all  its  products. 

“There  should  be  one  place  to 
go  to  get  all  your  patches,” 
Culp  says. 

Currently,  Windows  Update, 
aimed  at  consumers  and  SUS  for 
corporations,  only  provides  oper¬ 
ating  system  patches.  Office  has 
its  own  patch-update  site,  while 
Exchange  and  SQL  Server  don’t 
have  an  official  patch-manage¬ 
ment  site. 

Microsoft  also  plans  to  add 
automated  patch  updating  to  all 
its  products  including  SQL  Server, 
Exchange  and  Office.  Automated 
patch  updating  is  found  in  XP 
and  Win  2000  with  Sep/ice  Phck  3 
and  4.  And  the  company  is  con¬ 
sidering  making  it  the  default 
configuration  on  some  products, 
especially  those  for  consumers, 
according  to  Culp.  SI 
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Dell  to  help  customers 
corral  their  switches 

■  BY  STEPHEN  LAWSON 

Dell  this  week  will  offer  a  free  tool  for  centrally  managing  its  LAN 
switches,  a  move  that  better  matches  up  the  boxes  vs.  those  of  network 
gear  sellers  such  as  Cisco  and  Nortel  that  already  offer  such  software. 

Dell’s  OpenManage  Network  Manager,  now  available  to  Dell  network 
customers  as  a  free  download,  is  designed  to  let  administrators  simul¬ 
taneously  perform  a  variety  of  management  functions  on  multiple  Dell 
switches. 

With  the  software,  a  network  manager  can  define  a  group  of 
switches  and  set  up  configurations, reset  access  controls, and  activate 
features  for  all  switches  in  a  group,  Dell  says.  The  manager  also  can 
keep  a  back-up  copy  of  the  correct  configuration  to  send  out  to  a 
device  if  it  needs  to  be  restarted,  according  to  the  company 

OpenManage  lets  managers  schedule  events  such  as  configuration 
backups,  which  are  better  performed  during  off  hours,  and  periodic 
changes  in  SNMP  community  strings,  which  work  like  administrator 
passwords. 

Dell  has  been  in  the  network  equipment  business  for  about  two  years 
and  currently  is  shipping  four  managed  products:  the  FbwerConnect 
3324  and  3348  Fast  Ethernet  switches  and  the  FbwerConnect  5212  and 
5224  Gigabit  Ethernet  switches.  Until  now,  administrators  could  only 
manage  these  switches  one  at  a  time.The  company  says  OpenManage 
is  ideal  for  organizations  with  more  than  10  Dell  switches.  Many  Dell 
switch  customers  are  small  and  midsize  businesses. 


Lawson  is  a  senior  correspondent  with  the  IDG  News  Service. 
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Mark  Gibbs 


Running  the  numbers  on  source  verification 


e  ended  last  weeks  discus¬ 
sion  about  how  to  combat 
spam  (see  www.nwfusion. 
com,DocFinder:  7452)  by  mention¬ 
ing  a  technique  called  source  verifi¬ 
cation  and  readers  who  sent  feed¬ 
back  about  their  experiences  with  a 
system  I  am  experimenting  with. 

The  way  it  works  is,  if  your  address  isn’t  known,  my 
source  verification  system  puts  your  message  on 
hold  and  sends  a  note  asking  you  to  respond,  the 
idea  being  that  spammers  operating  out  of  tempo¬ 
rary  accounts  can’t  write  back. When  legitimate  mail 
is  returned  the  system  releases  the  original  message. 

I’ve  had  some  interesting  questions  about  potential 
source  verification  drawbacks.  Reader  Bill  Neuen- 
dorff  commented:  “Looks  to  me  like  source  verifica¬ 
tion  would  almost  triple  the  bandwidth  gobbled  by 
just  the  spam  alone.” 

Indeed,  it  does  look  like  that  on  first  blush.  We  are, 
after  all,  receiving  something.sending  something 
back  out  and  then  getting  still  more  mail  in  the  final 
phase.  But  the  source  verification  process  adds  only 
about  10%  to  bandwidth  overhead. 

Let’s  do  the  math. 

Say  your  average  user  gets  100  30K-byte  messages 
a  day  —  that’s  3M  bytes  total.  Assuming  a  spam  ratio 
of  75%,  that  means  75  are  spam  while  the  other  25 


are  from  legitimate  sources. 

Every  piece  of  mail  that  doesn’t  have  a  recognized 
address  is  challenged  with,  in  the  case  of  the  system 
I’m  using,  a  3K-byte  message. 

So  the  system  challenges  all  75  pieces  of  spam. 
And  presuming  that  10%  of  the  25  legitimate  pieces 
of  mail  are  from  new  addresses,  it  also  challenges 
about  three  real  messages.That  means  the  system 
generates  234K  bytes  of  challenges. 

Let’s  presume  the  three  legitimate  senders  respond 
and  generate  another  9K  bytes  of  incoming  traffic, 
while  10%  of  the  spammers  used  real  addresses  and 
also  respond,  generating  another  22.5K  bytes  of  traf- 
fic.That  adds  up  to  about  32K  bytes  of  returning  mail. 

Add  that  32K  bytes  to  the  234K  bytes  worth  of  chal¬ 
lenges  and  you  get  a  measly  266K  bytes  of  chal¬ 
lenge/response  traffic,  which  is  less  than  9%  of  the 
3M  bytes  of  messages  coming  in  per  employee  per 
day.  And  the  source  verification  system  is  passing  on 
only  10%  of  spam  —  a  90%  spam  reduction  with  no 
human  interaction  and  no  false  positives. 

Let’s  look  at  this  from  a  corporate  perspective:  In  a 
1,000-person  company,  source  verification  adds 
about  266M  bytes  worth  of  traffic  to  the  3G  bytes  of 
messages  flowing  in. 

Now,  let’s  say  you  have  a  T-l  line  that  costs  $600  per 
month,  or  roughly  $20  per  day  Given  that  in  our 
hypothetical  corporation  we’ve  assumed  the  actual 


messaging  volume  would  be  about  50%  of  the  line’s 
capacity, source  verification  is  only  going  to  increase 
your  costs  from  $10  to  $1 1  per  day 

Compare  that  increased  cost  with  the  value  of 
reducing  the  productivity  cost.  For  that  same  organi¬ 
zation  reducing  spam  by  90%  cuts  productivity  costs 
from  a  total  of  around  $2,250  per  day  to  just  $340 
(see  the  spreadsheet  at  www.nwfusion.com,  Doc 
Finder  7453  for  how  to  calculate  the  productivity 
cost  —  to  get  the  latter  number,  change  Line  6  to 
10%  and  Line  14  to  55%). This  makes  the  increased 
bandwidth  cost  as  important  as  a  rounding  error  in 
the  coffee  fund. 

Given  the  cost  of  bandwidth  compared  with  the 
cost  of  handling  spam,  1  think  source  verification  is  a 
powerful  and  low-cost  solution. 

Of  course,  there  are  concerns.  Reader  Jim  Becker 
wrote, “It  may  be  a  good  idea  to  bring  up  the  fact 
that  these  systems  are  not  compatible  with  many 
electronic  transactions  that  we  use  these  days  . . . 
many  messages  are  server-produced  in  e-commerce, 
for  example,  and  [challenge/response]  systems  will 
eliminate  valid  messages.” 

Becker  is  right  and  an  answer  is  to  use  “special”  e- 
mail  addresses  for  those  transactions  or  add  those 
sites  to  the  source  verification  whitelist. 

Bounce  your  thoughts  to  Backspin  at  gibbs.com. 
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And  the  winner  is . . . 

Everybody!  It’s  mouse  pads  all  around 
for  the  SoAnnoying  competition,  in 
which  I  asked  for  people  to  send  in  their  SoBig.F  message  counts  and  their 
best  SoBig  stories.  No,  I’m  not  copping  out  or  just  trying  to  clear  out  this  stack 
of  Network  World  Fusion  mouse  pads  on  my  desk.  I  decided  anybody  who  goes 
to  the  trouble  to  total  up  worm-related  messages  deserves  some  sort  of  prize 
(or  counseling?). 

Harry  Dillon  of  CSX  gets  a  mouse  pad  for  reminding  us  this  wasn’t  all  fun 
and  games:  "We  have  had  to  have  24-7  teams  of  people  updating  PCs  and  lap¬ 
tops  for  days.  We  had  to  shut  down  our  test  systems.  We  had  to  take  PCs  off  our 
network  just  to  stop  the  virus  from  bringing  down  our  routers.  And  when  we  have 
network  problems,  trains  stop. Thousands  of  commuters  can  be  stuck  on  their 
trains.  Entire  communities  can  be  divided  by  trains  halted  while  blocking  cross¬ 
ings.  It  was  both  financially  and  emotionally  costly,  causing  much  apprehension 
that  we  might  not  get  the  network  up  at  all!  We  faced  the  real  possibility  of  keep¬ 
ing  all  the  Windows  servers  offline,  and  losing  tremendous  functionality  so  that 
some  of  our  non-Windows  servers  could  continue  to  work”  (read  more  about 
SoBig’s  impact  on  large  companies  at  www.nwfusion.com,  DocFinder:  7433). 

The  award  for  proving  that  some  people  should  not  be  allowed  near  comput¬ 
ers  goes  to  Brian  Poirier,  who  writes:  "I'm  working  on  my  system  and  our  recep¬ 
tionist  is  in  the  room  using  the  other  system  to  access  herYahoo  account. 
Suddenly  I  hear  a  few  ‘boings’  and  the  poor  girl  saying  ‘I  keep  trying  to  open  it  but 
nothing  happens.’  I  look  over  and  see  her  ‘ignoring’  the  Norton  security  warnings 
and  about  a  dozen  windows  minimized  to  the  task  bar.  I  get  up  and  look  and  she 
kept  trying  to  open  one  of  the  attachments  that  SoBig  uses,  over  and  over  again.  I 
kick  her  off  the  machine  and  start  trying  to  fix  the  havoc  she  has  wrought  and  ask 
her  if  she  recognized  the  name  of  the  person  who  sent  it  to  her? 


"No.” 

"’Why  did  you  open  an  attachment  from  someone  you  don’t  know?' 

“It  might  have  been  from  a  friendIThey  might  have  made  up  a  new  e-mail 
address  and  didn't  tell  me!” 

The  Smugness  Award  goes  to  Mac  users  who  reported  zero  SoBig  messages. 

In  terms  of  numbers:  David  Ring  reported  15,000  infected  messages  at  his  Web¬ 
master  address  as  of  last  Tuesday  morning  —  and  coming  in  as  fast  as  two  to 
three  per  minute  (more  on  his  case  at  DocFinder:  7434).  Last  week,  Oliver,  another 
reader,  reported  as  many  as  6,000  an  hour  flooding  his  mail  server  (see  Doc 
Finder:  7439).  Ken  Christensen  reported  3,386  infected  messages  in  his  personal 
in-box  over  a  24-hour  period  ending  at  6  p.m.  on  Aug.  20. 

IT  vs.  security 

Troy  Jessup  writes  security  is  too  important  to  be  done  part  time  by  IT  folks: 

“IT  guys  are  the  ones  you  call  to  get  things  to  work.They  are  the  lifeline  tech¬ 
nically  for  most  networks.They  will  generally  stop  at  nothing,  even  up  to  cir¬ 
cumventing  security  to  get  something  to  work.  Whereas  on  the  other  hand,  the 
security  guy  is  more  cautious  about  access,  and  will  generally  not  compromise 
security  of  the  network  to  make  something  happen  the  easy  way.These  are  just 
two  of  many  differences  in  the  two  groups.” 

Read  his  fully  essay  at  DocFinder:  7440. 

Laptops  on  vacation 

“Memo  to  all  staff:  If  you  take  your  laptop  on  vacation  and  use  it  to  go  online  but 
don’t  connect  to  the  company  LAN  to  download  the  latest  anti-virus  definitions, 
do  not,  repeat,  do  not  plug  it  into  the  network  first  thing  when  you  get  back. 
Instead,  walk  it  down  to  the  IS  department  so  somebody  can  disinfect  it  first” 

Has  anybody  had  to  send  out  a  memo  like  that  recently? 

'NetBuzz  returns  next  week  But  keep  reading  Gaffin  daily  at  DocFinder:  7441. 


IBM  Total  Storage  ' 

The  human  body  has  an  amazing  capacity  to  adapt  to  shifting 
demands.  So  do  IBM  TotalStorage  products. The  IBM  TotalStorage 
Virtualization  Family  manages  your  individual  storage  resources 
as  one  common  virtual  pool.  It  can  then  allocate  storage  to  your 
servers,  helping  to  improve  availability  and  utilization.  On  demand. 
Helping  to  lower  your  costs. 

TotalStorage:  storage  for  on  demand  business. 

Can  you  see  it?  See  it  at  ibm.com/totalstorage/ondemand 


IBM  TotalStorage  Virtualization  Family  consists  of  the  SAN  Integration  Server  and  the  SAN  Volume  Controller.  IBM.  the  IBM  logo  and  TotalStorage  are  trademarks  of  International  Business  Machines  Corporation  Other  company 
product  and  service  names  may  be  trademarks  or  service  marks  of  others.  ©2003  IBM  Corporation  All  rights  reserved. 
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(at  half 
the  price). 


Dare  to  Compare! 

NetVanta 

3305 

Industry-Leading 

Brand 

Stateful  Inspection  Firewall 

✓ 

sss 

Dual  Network  interfaces 

✓ 

$$$ 

Dual  Ethernet  Interfaces 

✓ 

sss 

Command  Line  Interface  (CLI) 

✓ 

✓ 

Unlimited  Telephone  Support 

✓ 

sss 

Free  Maintenance  Releases 

✓ 

Not  Available 

Virtual  Private  Networking 

s 

sss 

Dial  Backup 

$ 

sss 

PBX  Connectivity 

s 

sssss 

Warranty 

5  Year 

1  Year 

The  NetVanta  3305  from  ADTRAN. 


For  some  time  now,  you’ve  been  buying  access  routers  a 
certain  way.  Perhaps  without  giving  it  a  second  thought. 

Now  there’s  good  reason  to  look  around — the  NetVanta  3000 
Series  from  ADTRAN.  These  routers  do  the  same  work  as 
other  brand  name  routers,  at  a  cost  that’s  up  to  55  percent 
less.  Designed  with  a  familiar  CLI,  NetVanta  3000  Series  routers 
fit  seamlessly  into  existing  operations.  No  costly  training  or 
recertification.  Built  to  ADTRAN  quality  standards,  this 
low-cost  alternative  is  backed  by  a  5-year  warranty  and 
free  pre-  and  post-sales  telephone  technical  support. 


Uncompromising  quality.  Affordable  price.  There's  no  better  value 
in  access  routers  than  the  NetVanta  3000  Series  from  ADTRAN. 


Why  pay  more? 


Take  the  CLI  Challenge!  Receive  a  free  T-Shirt! 

www.adtran.com/info/whypaymore 


877.767.6022  Technical  Questions 
877.280.8416  Where  to  Buy 


New  Technology 

Awards.. 


Experts  choose  ADTRAN.M 


Adirati 
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